[AG-TECH] AG Certificate problems

David Cortijo dcortijo at bnl.gov
Thu Dec 9 03:50:08 CST 2004

     I checked on that.  Each operator for the node has a separate login 
to the machines, and as a result, doesn't have access to the 
certificates of the other operators.  It's not a pressing issue for me - 
my certificate isn't going to see heavy use apart from testing (I 
administer the machines rather than operate them for meetings), but I'm 
curious as to why this is an issue.
     I plan on migrating the entire system over when I have a few days 
to reconfigure hardware (going to do a test run with the Debian 
installation and the 2.3 Toolkit), but having access to the Windows side 
as a comparison was one of those things I was relying on.  If I just 
apply for another certificate, that might fix things, but I don't know.

Natalia Costas Lago wrote:

> just as something to try,.... maybe u have loaded more than ur 
> personal ID (the certificate of other node operator is loaded as 
> well).. and the other certificate is being used as the default one?
> ----- Original Message ----- From: "David Cortijo" <dcortijo at bnl.gov>
> To: <ag-tech at mcs.anl.gov>
> Sent: Wednesday, December 08, 2004 4:00 PM
> Subject: [AG-TECH] AG Certificate problems
>> I tried to log in with a new certificate today and received the 
>> message below.  We're currently using AGToolkit 2.1.2 on mixed 
>> Windows (2000 and XP) machines.  My passphrase is correct - in fact, 
>> any time I put in an invalid pass, it spits out a more generic 
>> message (forgot to copy it and now I'm on another machine).  Any 
>> ideas what might be causing this?  And before anyone suggests it, I 
>> know the node's Toolkit needs to be upgraded. We simply haven't had 
>> the time.
>> David Cortijo
>> Brookhaven National Laboratory
>> Error Message:
>> Creating globus proxy for /O=Access
>> Grid/OU=agdev-ca.mcs.anl.gov/OU=bnl.gov/CN=David Cortijo
>> Passphrase:
>> Lifetime in hours [12]:
>> Keysize [1024]:
>> Your identity: /O=Access 
>> Grid/OU=agdev-ca.mcs.anl.gov/OU=bnl.gov/CN=David Cortijo
>> user_key loaded
>> user_proxy cert_chain
>> verify failed
>> Error:
>> -->
>> error:80066421:lib(128):verify_callback:cannot find CA certificate 
>> for local 
>> credential:\software\AccessGrid\WinGlobus\source\gsi\ssl_utils\library\sslutils.c:2140 
>> Got error verify_callback-->
>> error:80066412:lib(128):verify_callback:certificate::\software\AccessGrid\WinGlobus\source\gsi\ssl_utils\library\sslutils.c:2706 
>>        subject=/O=Access 
>> Grid/OU=agdev-ca.mcs.anl.gov/OU=bnl.gov/CN=David Cortijo
>>        issuer =/O=Access Grid/OU=agdev-ca.mcs.anl.gov/CN=Access Grid 
>> Developers CA
>> Invalid passphrase.

More information about the ag-tech mailing list