Association with the gilda virtual organization
This presentation is the property of its rightful owner.
Sponsored Links
1 / 22

Association with the Gilda Virtual Organization PowerPoint PPT Presentation


  • 73 Views
  • Uploaded on
  • Presentation posted in: General

Association with the Gilda Virtual Organization. Certificate,VO membership, and MyProxy Server usage. Content.

Download Presentation

Association with the Gilda Virtual Organization

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Association with the gilda virtual organization

Association with the Gilda Virtual Organization

Certificate,VO membership, and MyProxy Server usage


Content

Content

  • Part1: Request and download a certificate.(The certificate will be created in your browser in pk12 format. However the P-Grade Portal uses certificates in pem format, therefore you must convert the certificate file and additionally generate an associated private key file – also in pem format )

  • Part2:Request Gilda VO membership upon your existing pk12 certificate in your browser ( will not be accepted immediately )

  • Part3: Creation and usage of a Myproxy Account using the P-Grade Portal


General remark

General remark:

  • Gilda is an insulated educational Test bed.

  • It has the advantage that it has an own Certificate Authority (CA) which issues Certificates without real personal identification.

  • It has the drawback that these type of certificates have been issued by the Gilda CA are not accepted by other VO-s of the EGEE Grid community.


Part 1 get certificate

Part 1. Get Certificate

  • 1.Go here: https://gilda-security.ct.infn.it/CA/mgt/restricted/ucert.php

  • 2. Fill the form:

  • 3. Wait for email!

Click on the “Submit the request” button


First e mail notification from gilda

First E-mail notification from Gilda :

Go here, to download the certificate in your browser.


Download certificate from your browser in case of firefox

Download Certificate from your Browser( in case of Firefox)

Step 1. Go to Options/Advanced/View Certificates in your Firefox browser

Step 3. You will be prompted to store the certificate file in the local file system

Step 4. You will be prompted to protect certificate file with a “Backup password”

Step 2. Select the gilda certificate and hit button “Backup”


Create the pem files on the local machine using openssl

Create the pem files on the local machine using “openssl”

Step1: Create the certificate file “gildausercert.pem” from the pk12 file “gilda1.p12” gained from the browswer:

openssl pkcs12 -in gilda1.p12 -clcerts -nokeys -out gildausercert.pem

Note: Backup password (see previous slide) will be requested!

Step2: Create the private key file “gildauserkey.pem” from the pk12 file “gilda1.p12” gained from the browswer:

openssl pkcs12 -in gilda1.p12 -nocerts -out gildauserkey.pem

Note 1: Backup password will be requested!

Note 2: You will be prompted to define a new password in order to protect the “userkey.pem” file to be created (This password worth to be remembered on long run! It will be required when you upload your certificate on a MyProxy server. See Slide 17)


Part 2 request gilda vo membership

Part 2 Request Gilda VO membership

  • Caveat ! Use the same browser in which you have received the Gilda certificate.

  • Step 1 accept the rules

  • Step 2 request VO membership

  • The proper links are in the received e-mail


First e mail notification from gilda vo request step1

First E-mail notification from Gilda: (VO request/ Step1)

Go here to see and accept the rules governing the Gilda community


Form of gilda use policy to be accepted

Form of Gilda Use Policy to be accepted

Accept the rules governing the Gilda community


First e mail notification from gilda vo request step2

First E-mail notification from Gilda: : (VO request/ Step2)

Go to the link to get the VO membership request form


Request form of gilda vo membership

Request form of GILDA VO membership

Confirm the registration

You will get a second letter prompting you to confirm your request:


Second letter from gilda

Second letter from Gilda:

Go to the link (using the browser with the Gilda certificate) to conform the request

You have to wait for a third letter:


Third letter from gilda

Third letter from Gilda:


Part 3

Part 3.

  • The certificate and private key pem files will be used to create a user account on a MyProxyServer

  • This account will be used to download a short term ProxyCertificate on the P-Grade Portal Server when a workflow submission is needed

    Operations related Part 3 will be executed on the P-Grade Portal


Main view of certificate portlet

Main view of Certificate Portlet

Button “Upload” will be used to create a user certificate account on the a MyProxy server


Create a user account on a myproxy server

Create a User Account on a MyProxy server

These files have been defined on Slide 7.

This password has been defined on Slide 7.

URL of selected MyProxyServer

URL of selected MyProxyServer

Define a password for the User Account

Define a name for the User Account

Confirm the creation of the User Account


Myproxy user account created

MyProxy User Account created!

Button “Download” will be used to create short time proxy certificates on the base of the created User Account.


Create and download a short term proxy certificate from a myproxy server

Create and download a short term proxy certificate from a MyProxy server

URL of selected MyProxyServer

URL of selected MyProxyServer

Password of the User Account

Confirm the creation and downloading of a proxy certificate on to the Portal Server

Name of the User Account has been defined on Slide 17.


Confirmation of the successful download of the proxy certificate

Confirmation of the successful download of the Proxy Certificate

The system prompts you to associate a Virtual Organization to the existing short term proxy certificate


Associate a vo with the selected short term proxy certificate

Associate a VO with the selected short term Proxy Certificate

Caution: As the base certificate is restricted to the Gilda infrastructure (see Slide 3) only the associated “gilda_GLITE_BROKER” is worth to be selected


Closing remark

Closing Remark

  • To ensure the security chain three different passwords have been used:

  • “Backup password” to protect the downloaded Certificate file. (Slides 6, 7)

  • Private Key File path phrase to protect Certificate in pem format (Slides 7, 17)

  • The password to protect the User Account on the MyProxy Server (Slides 17, 19 )


  • Login