[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] SSL authentication with WinXP

On Mar 21, 2007, at 11:36 AM, Smith, Ian wrote:


AUTH_SSL_SERVER_CAFILE =   c:\condor\ssl\ca\signing-ca-1.crt
AUTH_SSL_CLIENT_CAFILE =   c:\condor\ssl\ca\signing-ca-1.crt

This should point to a file containing both the root-ca and
signing-ca-1 certificates.

Does that mean I need to concatenate them into one file ?


AUTH_SSL_SERVER_CADIR =    c:\condor\ssl\ca
AUTH_SSL_CLIENT_CADIR =    c:\condor\ssl\ca

Try verifying the certificates using openssl verify.

Not sure how I do that in a >expletive deleted< windows envrionment.
Are there any MS tools or do I near to go and get openssl.

At least for now I think you should use the CAFILE param and ignore the CADIR. The CADIR needs all sorts of special maintenance...