[AG-TECH] internal venue server

Benedikt Bjarni Bogason benedib at hi.is
Tue Jun 22 09:59:33 CDT 2004


> One question I have about all this: I'd been assuming that if your clients
> and server are all behind a firewall, that you'd need a CA of your own
> since the clients and servers couldn't communicate with a CA. But I'm
> starting to wonder if I'm mistaken. Is it enough to simply have the
> trusted CA certs, and the identity (or anonymous) certs? My hunch is that
> it's easier to figure out how to get the cert requests to work from behind
> a firewall than to get the Venue Client, media tools, shared apps, etc to
> do so.
>
> - Jennifer


Yes, I think also that we don't necessarily have to have our own CA. I've
already set up my own server (on windows, just as a test), and after I was
able to get the certificates (making the certificate manager using our
proxy to connect to the internet) the server and clients worked without
any problems within our firewall. So there doesn't seem to be any need to
for the clients to connect to the internet until the certificates are out
of date. But it would be cleaner if the never needed to do so at all, and
that means having our own CA.

As always, I appreciate any feedback,
Benedikt.




>
> Chris Willing wrote:
>
>> On Tue, 2004-06-22 at 21:05, Benedikt Bjarni Bogason wrote:
>>
>>>Thank you for the tips, does anyone else have any success stories he or
>>>she would like to share with me, regarding setting up a linux venue
>>>server?
>>>
>>>To follow up, when I have successfully set up the linux server (I've
>>>actually already managed to set up a windows one) I will probably be
>>>trying to set up a certificate server as well. And again would
>>> appreciate
>>>ANY tips you can spare, if you have gone through that process on a linux
>>>machine.
>>>
>>>
>>
>>
>> The Asia Pacific Access Grid venue server at
>> https://vv2.ap-accessgrid.org:8000/Venues/default has been running for
>> over a year on a Slackware Linux system. It has been using Slackware 9.1
>> with the AG2.1.2 release since January 2004. Before that, it was on
>> Slackware 9.0 and AG2.1 (from September 2003), not sure which AG2
>> version before that.
>>
>> Its been running almost trouble free in that time. It has had instances
>> of losing its configuration, so I'm careful about keeping a backup handy
>> of VenueServer.cfg & VenueServer.dat (from the directory in which the
>> server is run).
>>
>> We use it with an anonymous certificate from AG Developers, haven't
>> tried generating our own certificates.
>>
>> The AG2.1.2 release for Slackware is available at
>> http://www.ap-accessgrid.org/AG2/. We're working on a release of AG2.2
>> for Slackware at the moment (currently testing).
>>
>>
>> chris
>>
>>
>
>




More information about the ag-tech mailing list