[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Birdbath SSL config problem.




Okay that worked to a point. Now I'm stuck with the authentication. I followed the steps that were listed in the condor birdbath presentation. Are there any issues with developing the client on windows and having condor on a linux box. I just wanted to check to make sure the steps of setting up the certs is correct and setting up java from the time the power point example was generated.







Matthew Farrellee wrote:
David,

I'm sorry about this, but it looks like 6.8 shipped with incorrect names for the mapfile parameters. The proper names are SEC_CANONICAL/USER_MAPFILE as you are using, but in the code they are actually CERTIFICATE_MAPFILE and USER_MAPFILE. Please use CERTIFICATE/USER_MAPFILE for now.

Best,


matt

On Sep 6, 2006, at 1:16 PM, David Braun wrote:

Does anyone have any insight into what is miss configured.
CERTIFICATE_MAPFILE is not set in condor_config.


userfile::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
(.*) \1
mapfile:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
.*emailAddress=(.*)@purdue.edu \1

condor_config (part of):::::::::::::::::::::::::::::::::::::::
WEB_ROOT_DIR              = $(RELEASE_DIR)/web
ENABLE_SOAP               = TRUE
ENABLE_WEB_SERVER         = TRUE

SCHEDD_ARGS               = -p 12000

COLLECTOR_SOAP_SSL_PORT   = 1979
SCHEDD_SOAP_SSL_PORT      = 1980
SOAP_SSL_SERVER_KEYFILE   = /opt/condor/certs/keyfile
SOAP_SSL_CA_FILE          = /opt/condor/certs/demoCA/cacert.pem
SCHEDD_ENABLE_SOAP_SSL    = TRUE
COLLECTOR_ENABLE_SOAP_SSL = TRUE
SEC_CANONICAL_MAPFILE     = /opt/condor/mapfile
SEC_USER_MAPFILE          = /opt/condor/userfile

# allow every one access to soap
ALLOW_SOAP                = *
# trust all users and allow them to queue
QUEUE_ALL_USERS_TRUSTED   = TRUE
ENABLE_SOAP_SSL           = TRUE

Log File:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
9/6 14:07:33 Using config source: /opt/condor/etc/condor_config
9/6 14:07:33 Using local config sources:
9/6 14:07:33    /opt/condor/local.kusanagi/condor_config.local
9/6 14:07:33 Running as root.  Enabling specialized core dump routines
9/6 14:07:33 Current Socket bufsize=63k
9/6 14:07:33 Current Socket bufsize=16k
9/6 14:07:33 Reset OS socket buffer size to 127k
9/6 14:07:33 DaemonCore: Command Socket at <128.210.189.162:9618>
9/6 14:07:33 ERROR "DaemonCore: No CERTIFICATE_MAPFILE defined, unable
to identify users, required by ENABLE_SOAP_SSL" at line 1926 in file
daemon_core.C
_______________________________________________
Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/condor-users

The archives can be found at either
https://lists.cs.wisc.edu/archive/condor-users/
http://www.opencondor.org/spaces/viewmailarchive.action?key=CONDOR