Mailing List Archives
Public Access
|
|
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif)
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] detailed instruction on how to setup condor soap ssl
- Date: Tue, 03 Apr 2012 09:53:01 -0400
- From: Peter MacKinnon <pmackinn@xxxxxxxxxx>
- Subject: Re: [Condor-users] detailed instruction on how to setup condor soap ssl
Another option is to try out the Aviary contrib which is an alternative
(and pluggable) SOAP interface into Condor. It offers SSL mutual auth
which can be configured using a minimal set of vars:
AVIARY_SSL = TRUE
AVIARY_SSL_SERVER_CERT = /path/to/server/certificate/file
AVIARY_SSL_SERVER_KEY = /path/to/server/private/key/file
AVIARY_SSL_CA_DIR = /path/to/server/ca/directory
AVIARY_SSL_CA_FILE = /path/to/server/ca/file
If you get stuck somehow in the setup, let me know. The full README is
at:
http://condor-git.cs.wisc.edu/?p=condor.git;a=blob;f=src/condor_contrib/aviary/README
\Pete
On Mon, 2012-04-02 at 12:40 -0500, Zhu Wayne wrote:
> Greetings!
> I found little details on how to set up SOAP SSL (v7.4.4). Could
> anyone who made it work shed some lights on this? I was enable to make
> SOAP work w/ little effort, but not so lucky with SSL. Thanks.
>
>
> ## SOAP
> ENABLE_SOAP = TRUE
> ENABLE_WEB_SERVER = TRUE
> WEB_ROOT_DIR = $(RELEASE_DIR)/lib/webservice
> ALLOW_SOAP = */*
> QUEUE_ALL_USERS_TRUSTED = FALSE
> ENABLE_SOAP_SSL = TRUE
> COLLECTOR_SOAP_SSL_PORT = 9818
> MASTER_SOAP_SSL_PORT = 9718
> #SOAP_SSL_SERVER_KEYFILE = $(RELEASE_DIR)/web/collector.pem
> #SOAP_SSL_CA_FILE = $(RELEASE_DIR)/web/collector.csr
> SOAP_SSL_SERVER_KEYFILE = /opt/appl/condor/live/web/collector.pem
> SOAP_SSL_CA_FILE = /opt/appl/condor/live/web/collector.csr
>
> Collector failed to start with the following in the log:
> 4/02 11:34:40 ******************************************************
> 04/02 11:34:40 Using config source: /opt/appl/condor/live/etc/condor_config
> 04/02 11:34:40 Using local config sources:
> 04/02 11:34:40 /opt/condor/condor_config.local
> 04/02 11:34:40 /opt/appl/condor/condor-etc/condor_config.wiwebcm301p
> 04/02 11:34:40 DaemonCore: Command Socket at <10.235.40.67:9618>
> 04/02 11:34:40 ERROR "DaemonCore: Failed to initialize SOAP SSL server
> context" at line 190 in file soap_core
> .cpp
> _______________________________________________
> Condor-users mailing list
> To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> https://lists.cs.wisc.edu/mailman/listinfo/condor-users
>
> The archives can be found at:
> https://lists.cs.wisc.edu/archive/condor-users/
--
Peter MacKinnon
Cloud BU/MRG Grid
Red Hat Inc.
Raleigh, NC