cert mgt
Robert Olson
olson at mcs.anl.gov
Tue Apr 1 16:41:36 CST 2003
So this stuff is ready to check in. It has the following functionality:
Detection of presence of proxy at startup
Creation of proxy if needed (*)
Creation of a user identity cert direcotry, initialized with
globus identity cert
Browsing of certificates from menu items in venue client.
This code also requires the python OpenSSL binding to be installed, which
is why I'm not committing it yet; I don't want to break everyone's code
until it's available.
The sources are in AG CVS, module pyOpenSSL. On windows, it requires an
OpenSSL build; I built against 0.9.6i (it won't compile against 0.9.7).
I built both OpenSSL and pyOpenSSL using VS6 as there are bizarre missing
symbol problems wit VS.net. I built static libs so we don't have to worry
about DLLs for now.
A binary release of the windows-compiled pyOpenSSL is in
~olson/AG/CertMgr/pyOpenSSL-0.5.1.win32-py2.2.exe.
(*) using grid-proxy-init -pwstdin, which is insecure, and requires a
grid-proxy-init to be compiled on windows. I have a project for the latter
in ~olson/AG/CertMgr/grid_proxy_init.exe that will drop into the
zipfile-based winglbous build; I don't recall the status of the winglobus
source build in ag cvs. That tarfile also has the executable in
grid_proxy_init/Debug/grid_proxy_init.exe that would need to go in
GLOBUS_LOCATION/bin/grid-proxy-init.exe.
I plan to replace this mechanism with an invocation of grid-proxy-init that
brings up its own passphrase dialog, which will greatly reduce the
potentical security hole.
More information about the ag-dev
mailing list