[AG-TECH] Trouble with service certs
John Hodrien
johnh at comp.leeds.ac.uk
Fri Jul 16 10:32:46 CDT 2004
On Fri, 16 Jul 2004, Frank Sweetser wrote:
> On Fri, Jul 16, 2004 at 03:22:11PM +0100, John Hodrien wrote:
>> On Fri, 16 Jul 2004, Ivan R. Judson wrote:
>>
>>> The first and most important thing is that you can't telnet into the
>>> services we've built. They are using the the certificates to negotiate
>>> secure encrypted communication. As such, the first thing that needs to
>>> happen is a protocol negotiation (that's binary I believe, or at least
>>> opaque).
>>
>> Yes you can. I'm a developer of Grid based software systems so I know what
>> you can and can't do, and this is one I use happily all the time. I'm not
>> trying to talk to the system, merely check that it's behaving. A service
>> should not immediately close the port when it gets no data, that's a bad
>> sign.
>
> The last time I saw this, it turned out that only the public half of my AG
> certificate was imported. When it tried to read the private key portion, it
> couldn't find the files, and exited in this mysterious way. I don't recall if
> I bugzilla'd this or not...
Nothing was obvious in the debug output, it seemed happy, but that would fit
in someways. If I run a grid-proxy-init using the cert/key pair (as reported
by certmgr.py) then it works just dandy.
jh
--
"Love is a state in which a man sees things most decidedly as they are not."
-- Nietzsche
More information about the ag-tech
mailing list