[AG-TECH] VenueServers & Cert Proxis q
Ivan R. Judson
judson at mcs.anl.gov
Tue Mar 23 15:47:17 CST 2004
Hey Fred,
> i've been dabbling with a venue server on one of our
> machines. it seems that when my Proxi expires, the server,
> while still running, stops working.
> am i getting that right?
> what's the standard way to deal with Proxi life and Venue servers?
Cool; good for you! The short answer is, service certificates will solve
this. Service certificates are certificates that are issued with no
passphrase. They are intended for long running services, hence the name. We
are supporting service certificates, (the request, retrieval, and use of
them) in the coming release. For now, I'd just keep track of my proxy hours
and perhaps bump the value up for the server you're running.
> also, a related question. i've ported my own cert to a few
> places, including our room node. how do people normally
> handle production nodes that can have any number of people
> firing them up. should i request a certificate for the Node,
> rather than a cert for each potential node op?
Please don't :-). The way we want to see this evolve and the next release
should help alleviate this too. Is that the Node Service and Service
Managers can run with service certificates (ideally they'll run at machine
startup). Users will need valid identity certificates to use the venue
client, but they will not use that certificate to start the node services.
--Ivan
More information about the ag-tech
mailing list