Download
ihep grid ca status report n.
Skip this Video
Loading SlideShow in 5 Seconds..
IHEP Grid CA Status Report PowerPoint Presentation
Download Presentation
IHEP Grid CA Status Report

IHEP Grid CA Status Report

392 Views Download Presentation
Download Presentation

IHEP Grid CA Status Report

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. IHEP Grid CA Status Report F2F Meeting8 Mar. 2010 Wei Zhu(zhuw@ihep.ac.cn) Computing Centre, IHEP,CAS,China

  2. Outline • IHEP Grid CA Overview • Current status of CA operation • Update status

  3. IHEP Introduction • IHEP——Institute of High Energy Physics, CAS, China • The major institute conducts high energy physics experiments in China

  4. IHEP Grid CA Introduction • The IHEP CA is established and managed by IHEP Computing Center in Beijing and has been running since 2004. • The IHEP CA is an accredited member of both EUGridPMA and APGridPMA. • Web site • https://gridca.ihep.ac.cn/ • CA certificate • https://gridca.ihep.ac.cn/cacert/index.html

  5. IHEP Grid CA Introduction • Person Certificate: C=CN/O=HEP/O=IHEP/OU=CC/CN=zhu wei • Host Certificate: CN=CN/O=HEP/O=IHEP/OU=CC/CN= host/voms.ihep.ac.cn • CRL Policy • https://gridca.ihep.ac.cn/crl/index.html • The lifetime of CRL is 30 days. • CRL is reissued 7 days before expiration even if there have been no revocation. • Last Update: Feb 09 08:32:56 2010 GMT

  6. Current status of CA operation • Personal/Host/Service Certificate: Submit application form for verification, then complete online request procedure step by step. Establish a Specialized CA Room • Only one person has the key to the CA room , and the other has the key to the CA Computer.

  7. Current status of CA operation The following events are recorded and archived: • All requests for certificates • All issued certificates • All requests for revocation • All issued CRLs • Login/logout/reboot of the CA machine • All notifications sent by the CA • Logs for data exchange between CA and RA • Archives are stored in an offline media which is stored in a safe box. Only RA and CA operators can access them.

  8. Authentication Accept request, communicate with CA Current status of CA operation • Staff structure Security Officer RA Operator CA Operator helpdesk Private key management Issue certificate

  9. Update status Number of issued certificates CooperationOrganizations Last update: Feb 10 09:18:36 2010 GMT

  10. Update status • Due to a power supply maintenance for the whole computing room, the IHEP CA website is unavailable from Sep/15/2009 06:30(CST) to Sep/17/2009 18:00(CST). • Some needed webservice port was unopened after the whole adjustment on the export firewall. • The new portable hard drive replace the old one. • Plans to change the CA room.

  11. Thanks Thank you!