cert request
Eric Olson
eolson at mcs.anl.gov
Tue Sep 2 14:59:37 CDT 2003
In relation to one of the pending cert requests:
Last week, we asked Wesley to include a First and Last name, but the new
request has CN=Wesley at ETI. Maybe this is because his real name may
not translate into English or because our instructions are unclear?
So do we sign this cert?
(We also suggested that he use 2.1.1 instead of 2.1 since the domain was
"my.domain" in the previous request -- this may have added some confusion)
I pasted the e-mail we sent to him last week just below this.
Eric
__Begin Email Response__________________________________________________
Hi Wesley,
Tom suggested you might be using AccessGrid version 2.1 (instead of the
newest 2.1.1). There were enough improvements last week that we released
2.1.1 last Friday. If you want to try 2.1.1, it should work better for
you in general. We'll be sure to sign your cert as soon as we see it come
in.
Thanks,
Eric
---------- Forwarded message ----------
Date: Mon, 25 Aug 2003 11:24:59 -0500
From: Thomas D. Uram <turam at mcs.anl.gov>
To: Eric Olson <eolson at mcs.anl.gov>
Cc: ag-dev at mcs.anl.gov
Subject: Re: Cert Req: O=Access Grid, OU=agdev-ca.mcs.anl.gov,
OU=my.domain,
CN=Wesley
I've seen certs with my.domain, too. They might have been generated
with the 2.1 cert req tool, instead of the 2.1.1.
Tom
Eric Olson wrote:
>Wesley,
>Can you please request a new certificate with the "Domain" set to
>eti.hku.hk? Also, please include both your first and last name in the
>"Name" field.
>Thank you,
>Eric Olson
>eolson at mcs.anl.gov
>
>
>
>
---End Email response-----------------------------------------------------
---------- Forwarded message ----------
Date: Mon, 1 Sep 2003 03:50:52 -0500
From: judson at mcs.anl.gov
Reply-To: agdev-ca at mcs.anl.gov
To: agdev-ca at mcs.anl.gov
Subject: Cert Req: O=Access Grid, OU=agdev-ca.mcs.anl.gov, OU=eti.hku.hk,
CN=Wesley at ETI
A new certificate has been requested for:
Subject: O=Access Grid, OU=agdev-ca.mcs.anl.gov, OU=eti.hku.hk, CN=Wesley at ETI
Email: wyip at eti.hku.hk
Instructions for signing certificates:
--------------------------------------
In order to sign this certificate please execute the following commands from a machine on the MCS network.
> ssh fl-caserver.mcs.anl.gov
> cd /disks/space0/agdev-ca
> sudo -H bash
> ./sign_certs.sh
Then you'll be prompted for your password to copy the pending requests locally to the CA server. Then you'll be prompted for the CA signing password for each cert you sign. Then you'll be prompted for your password to copy all the newly signed certs back to the web accessible directory.
-- The AG Dev CA Service
-----BEGIN CERTIFICATE REQUEST-----
MIIB0DCCATkCADBfMRQwEgYDVQQKEwtBY2Nlc3MgR3JpZDEdMBsGA1UECxMUYWdk
ZXYtY2EubWNzLmFubC5nb3YxEzARBgNVBAsTCmV0aS5oa3UuaGsxEzARBgNVBAMU
Cldlc2xleUBFVEkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMrHtFdKq7d8
83lVUBlA9a9cAsASM5hONuM3EY9SzjW+iglK25rP8hAnHooEO08dcq2Z5gmUn3zp
Kzsc4TarLFjFiUxgWWorSomOH6KHyuquylrRb1FR+4oops8o4gM0zdQl9VjpHAvK
C09dvUOfOzIemfWBbpXJYx5Tj6I3OQUZAgMBAAGgMjAwBgkqhkiG9w0BCQ4xIzAh
MBEGCWCGSAGG+EIBAQQEAwIE8DAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUA
A4GBAGg9RfhUzjDuuzI31hT0nQGxFT2QbGUyRLDwcYYtaKFOUaIigd8FqkRhjpgA
oy0l87ZgEYqMq8FLFbio0motFSXrcoEXl+/p/heD4BtXF8G0cB0XGET0PuJetA0W
Sh0q8xSE7k/xH72IJAmMXuR1X/mFFLd5Ypcj/AW36kZiK2GE
-----END CERTIFICATE REQUEST-----
------------- OpenSSL Dump -------------
Certificate Request:
Data:
Version: 0 (0x0)
Subject: O=Access Grid, OU=agdev-ca.mcs.anl.gov, OU=eti.hku.hk, CN=Wesley at ETI
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:ca:c7:b4:57:4a:ab:b7:7c:f3:79:55:50:19:40:
f5:af:5c:02:c0:12:33:98:4e:36:e3:37:11:8f:52:
ce:35:be:8a:09:4a:db:9a:cf:f2:10:27:1e:8a:04:
3b:4f:1d:72:ad:99:e6:09:94:9f:7c:e9:2b:3b:1c:
e1:36:ab:2c:58:c5:89:4c:60:59:6a:2b:4a:89:8e:
1f:a2:87:ca:ea:ae:ca:5a:d1:6f:51:51:fb:8a:28:
a6:cf:28:e2:03:34:cd:d4:25:f5:58:e9:1c:0b:ca:
0b:4f:5d:bd:43:9f:3b:32:1e:99:f5:81:6e:95:c9:
63:1e:53:8f:a2:37:39:05:19
Exponent: 65537 (0x10001)
Attributes:
Requested Extensions:
Netscape Cert Type:
SSL Client, SSL Server, S/MIME, Object Signing
X509v3 Basic Constraints: critical
CA:FALSE
Signature Algorithm: md5WithRSAEncryption
68:3d:45:f8:54:ce:30:ee:bb:32:37:d6:14:f4:9d:01:b1:15:
3d:90:6c:65:32:44:b0:f0:71:86:2d:68:a1:4e:51:a2:22:81:
df:05:aa:44:61:8e:98:00:a3:2d:25:f3:b6:60:11:8a:8c:ab:
c1:4b:15:b8:a8:d2:6a:2d:15:25:eb:72:81:17:97:ef:e9:fe:
17:83:e0:1b:57:17:c1:b4:70:1d:17:18:44:f4:3e:e2:5e:b4:
0d:16:4a:1d:2a:f3:14:84:ee:4f:f1:1f:bd:88:24:09:8c:5e:
e4:75:5f:f9:85:14:b7:79:62:97:23:fc:05:b7:ea:46:62:2b:
61:84
------------- Calling environment -------------
EMAIL wyip at eti.hku.hk
CONTENT_LENGTH 931
HTTP_USER_AGENT xmlrpclib.py/1.0.0 (by www.pythonware.com)
SERVER_PORT 80
SERVER_NAME www-unix.mcs.anl.gov
REMOTE_ADDR 147.8.185.112
SERVER_PROTOCOL HTTP/1.0
SERVER_SOFTWARE Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.6a PHP/4.2.3 mod_perl/1.25
REMOTE_PORT 1347
SCRIPT_FILENAME /homes/judson/public_html/certReqServer.cgi
SERVER_ADMIN webmaster at mcs.anl.gov
SCRIPT_NAME /~judson/certReqServer.cgi
SERVER_SIGNATURE <ADDRESS>Apache/1.3.27 Server at www-unix.mcs.anl.gov Port 80</ADDRESS>
REQUEST_METHOD POST
HTTP_HOST www-unix.mcs.anl.gov
CONTENT_TYPE text/xml
GATEWAY_INTERFACE CGI/1.1
QUERY_STRING
PATH /bin:/usr/sbin:/etc:/usr/X11R6/bin:/usr/bin:/sbin:/usr/adsm:/soft/com/packages/insure++-5.2/bin.linux2:/software/linux-2/com/packages/matlab-r13.1/bin:/soft/com/packages/totalview-5.0.0-4/toolworks/totalview.5.0.0-4/linux-x86/bin:/soft/apps/packages/antiword/bin:/mcs/bin:/usr/local/bin:/software/common/bin:/soft/apps/bin:/soft/gnu/bin:/soft/com/bin:/soft/adm/bin:/homes/tstacey/bin/linux-2:/homes/tstacey/bin:/mcs/adm/bin:/my/bin:/soft/adm/bin:/software/common/adm/bin:/mcs/adm/bin:/usr/local/adm/bin:/soft/com/packages/absoft-7.5/opt/absoft/bin:/soft/com/packages/bitkeeper
REQUEST_URI /~judson/certReqServer.cgi
SERVER_ADDR 140.221.9.215
DOCUMENT_ROOT /disks/www-servers/www-unix/linktree
More information about the ag-dev
mailing list