Cert Management & Update source |
The GetCerts interim packageThis package contains one perl script get_certificates, that contains the CA configuration for Globus. The script will download or refresh the CRL from a plain http url and write a ca-signing-policy.conf file for you. Provided, of coarse, that the config information in the script is set correctly. Please see the first comments in the script for brief usage information. Running get_certificates will overwrite your ca-signing-policy.conf file!The script will also check for the following common events:
perl ./getcerts.pl --reloadcerts=cnrs-top --nowNote that not all CA certs are available on-line in a retreivable fashion. You should not use the ca certs included as-is[1], since this poses a security risk. Please download the CA certs yourself, verify their integrety and only then store them in the directory with the proper name. I accept no responsibility with regard to the actual certs in the package. You can always verify them using the DataGrid WP6 web pages.
Delays?The script will wait up to 10 minutes before staring the process. This will help balancing the load on the CA web servers if end-users start running this script from crontab (usually people are not very inventive in picking a time-to-start).
RequirementsFor the script to work properly, you need OpenSSL installed (at least version 0.9.5a) and have a perl5 installation with the packages LWP::UserAgent and HTTP::Request installed (the standard ASIS distribution from CERN will do fine).Comments to: David Groep.
DownloadMost recent version is . Download:
Comments to David Groep |