From T3_KR_KNU
Revision as of 06:04, 14 May 2009 by Hanbi (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

How to request a DOEGrids Personal Certificate?

o Export or 'backup' your certificate. The interface for this varies from browser to browser. Internet Explorer starts with "Tools -> Internet Options -> Content"; Netscape Communicator has a "Security" button on the top menu bar; Mozilla starts with "Edit -> Preferences -> Privacy and Security -> Certificates". The exported file will probably have the extension .p12 or .pfx.
o Guard this file carefully. Store it off your computer, or remove it once you are finished with this process.
o Copy the above PKCS#12 file to the computer where you will run grid-proxy-init.
o Extract your certificate (which contains the public key) and the private key:
o Certificate: openssl pkcs12 -in YourCert.p12 -clcerts -nokeys -out $HOME/.globus/usercert.pem
o To get the encrypted private key : openssl pkcs12 -in YourCert.p12 -nocerts -out $HOME/.globus/userkey.pem You must set the mode on your userkey.pem file to read/write only by the owner, otherwise grid-proxy-init will not use it(chmod go-rw $HOME/.globus/userkey.pem).
Retrieved from "http://t2-cms.knu.ac.kr/wiki/index.php?title=DOE_Certificate&oldid=1374"