[AG-USERS] AG 3.2 Stable Release Certificate Import Issue

Thomas Uram turam at mcs.anl.gov
Wed Sep 29 10:12:32 CDT 2010 

Hi Satya:

I assume these are certificate files that you've generated, since they're not included in the default set of CA certificates.

I expect that the problem is that the serial number is too big. While the X509 standard allows the serial number to be larger than an int, the AG code is not, as indicated by the error you encountered. We have seen `a similar failure with later versions of Python, so the problem would need to be fixed in multiple places (AG and probably m2crypto). You can check the serial number using openssl:

openssl x509 -in ce525023.0 -serial

When you generate the CA certificate, you can specify the serial number. If you can regenerate the CA cert, I'd recommend doing so.

Tom



On Sep 28, 2010, at 4:08 AM, N. Satyanarayana wrote:

> Hi,
> 
> When I tried to import trustedCA files {ce525023.0} and
> {ce525023.signing_policy} files from ManageCertificates I am getting
> following error. Please let me know how to resolve the issue. I am able to
> use above trusted CA files with 3.1 without any problem.
> 
> I installed AG from AG3.2_bundled_installer_v3_0.exe file.
> 
> Log File Details follows:
> --------------------------
> 
> 09/28/10 14:31:20 4460 Toolkit     config.py:685 DEBUG retrieved local IP
> address 192.168.51.185
> 09/28/10 14:31:20 4460 Toolkit     toolkit.py:117 DEBUG Initializing AG
> Toolkit version 3.2 
> 09/28/10 14:31:20 4460 Toolkit     toolkit.py:118 INFO  Command and
> arguments: ['C:\\Program Files\\AGTk-3\\bin\\CertificateManager3.py']
> 09/28/10 14:31:20 4460 VenueClient     preferences.py:206 DEBUG
> Preferences.LoadPreferences: open file
> 09/28/10 14:31:20 4460 Toolkit     toolkit.py:167 INFO  Logfile Name:
> CertificateManager.log
> 09/28/10 14:31:20 4460 CertificateManager     certificatemanager.py:212
> DEBUG Opened repository C:\Documents and Settings\satya\Application
> Data\AccessGrid3\Config\certRepo
> 09/28/10 14:31:20 4460 Toolkit     toolkit.py:473 INFO  Initialized
> certificate manager.
> 09/28/10 14:31:21 4460 CertificateManager     certificatemanager.py:575
> DEBUG Configuring standard environment
> 09/28/10 14:31:21 4460 CertificateManager     certificatemanager.py:625
> DEBUG Using default identity
> /O=Grid/OU=GlobusTest/OU=simpleCA-elearn/CN=satya
> 09/28/10 14:31:45 4460 CertificateManagerWXGUI    
> importexportutils.py:768 ERROR Error importing certificate from
> C:\Documents and Settings\satya\Desktop\satya\ce525023.0
> Traceback (most recent call last):
>  File
> "C:\Python24\lib\site-packages\AccessGrid3\AccessGrid\Security\wxgui\ImportExportUtils.py",
> line 755, in ImportCACertificate
>    certFile)
>  File
> "C:\Python24\lib\site-packages\AccessGrid3\AccessGrid\Security\CertificateManager.py",
> line 348, in ImportCACertificatePEM
>    impCert = repo.ImportCertificatePEM(cert)
>  File
> "C:\Python24\lib\site-packages\AccessGrid3\AccessGrid\Security\CertificateRepository.py",
> line 638, in ImportCertificatePEM
>    path = self._GetCertDirPath(cert)
>  File
> "C:\Python24\lib\site-packages\AccessGrid3\AccessGrid\Security\CertificateRepository.py",
> line 940, in _GetCertDirPath
>    cert.GetIssuerSerialHash())
>  File
> "C:\Python24\lib\site-packages\AccessGrid3\AccessGrid\Security\CertificateRepository.py",
> line 1507, in GetIssuerSerialHash
>    serial = struct.pack("l", self.cert.get_serial_number())
> OverflowError: long int too large to convert to int
> 
> Regards,
> Satya
> -- 
> N. Satyanarayana
> Centre for Development of Advanced Computing (C-DAC)
> No. 1, Shivbagh
> Ameerpet
> Hyderabad - 500 016
> 
> (Off) +91-40-23737124/25
> 
> 
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>

More information about the ag-users mailing list