[Swift-devel] Re: coasters and CAs
Ben Clifford
benc at hawaga.org.uk
Tue May 27 06:12:59 CDT 2008
On Mon, 26 May 2008, Mihael Hategan wrote:
> > Running coaster to the local site (test/sites/coaster/coaster-local.xml)
> > this runs OK if the CA cert is in the default CA directory
> > (~benc/.globus/certificates in my case). However, it looks like if the CA
> > is not in the default CA directory, it is not picked up by the coaster
> > service from the setting of X509_CERT_DIR.
>
> It's normal. Your local X509_CERT_DIR should not apply to the "remote"
> site. If you want that to be set, stick it as remote env variable in
> sites.xml or so.
In general it shouldn't.
In the specific case of provider-local, though, the "remote site"
environment is configured by the remote site sysadmin by setting variables
in the submit side environment (rather than for example in the case of
GRAM2 setting them in /etc/xinetd.d/). That is the use of X509_CERT_DIR
that I am making here.
And indeed X509_CERT_DIR *is* passed through when using provider-local.
Setting it in the sites.xml file also causes it to be set when using
provider-local (though in that case it appears to obliterate the
containing environment entirely too). But the same missing CA problem
happens anyway.
Pretty much I think this should behave the same as GLOBUS_TCP_PORT_RANGE
which was discussed here:
http://mail.ci.uchicago.edu/pipermail/swift-devel/2008-April/002982.html
--
More information about the Swift-devel
mailing list