
Re: [Condor-users] Enabling SSL encryption in Condor



I believe you used an invalid method name. Valid methods are:
   GSI
   KERBEROS
   FS
   FS_REMOTE
   NTSSPI
   CLAIMTOBE
   ANONYMOUS

So try using:

SEC_DEFAULT_AUTHENTICATION_METHODS = GSI

It took me a while to set up the authenticated environment but it is possible. Good luck!

Pascal Jermini wrote:

Hi all,

we are trying to enable the SSL encryption of the traffic between the
Condor daemons in our small testing pool, but without much success.

We enabled authentication+encryption via the following variables:

SEC_DEFAULT_ENCRYPTION = REQUIRED
SEC_DEFAULT_INTEGRITY = REQUIRED
SEC_DEFAULT_AUTHENTICATION = REQUIRED
SEC_DEFAULT_AUTHENTICATION_METHODS = SSL

We then generated the certificates, and defined the following variables
with their correct contents:

AUTH_SSL_SERVER_CAFILE
AUTH_SSL_SERVER_CADIR
AUTH_SSL_SERVER_CERTFILE
AUTH_SSL_SERVER_KEYFILE
AUTH_SSL_CLIENT_CAFILE
AUTH_SSL_CLIENT_CADIR
AUTH_SSL_CLIENT_CERTFILE
AUTH_SSL_CLIENT_KEYFILE

By looking at the logs, it looks like Condor (we are using 6.7.18) does
not even try to use SSL:

7/11 16:46:50 AUTHENTICATE: no available authentication methods succeeded, failing!
7/11 16:46:50 DC_AUTHENTICATE: authenticate failed: AUTHENTICATE:1003:Failed to authenticate with any method

Similarly, even by using ANONYMOUS as an authentication method, we get
the same error...

Does someone have an idea of why this happens? Or even better, is there some
documentation about the SSL security feature of Condor? It looks like
the documentation in this area is a little bit lacking :)

Thanks in advance for any hint! If more information is needed, I'm
glad to provide it!

best regards,

Pascal