I found Zach's tutorial extremely useful
for setting up SSL in a Windows pool. There is not a whole lot that is
different, but there are many methods to accomplish setting up SSL CA,
certs, keys, etc. If you follow Zach's setup you will have a set of instructions
to refer to and I highly recommend this if you are not familiar with SSL.
I can also provide you help with this if you would like. If needed I can
also throw together my notes and pass this information along. I also developed
a python script that automates the generates of keys and certs (after the
CA is setup) because I was implementing a strict security policy where
each machine required their own key--a bit of an overkill but developing
this code has saved me a tremendous amount of time.
Zachary Miller <zmiller@xxxxxxxxxxx>
Condor-Users Mail List <condor-users@xxxxxxxxxxx>
08/17/2012 07:43 AM
Re: [Condor-users] GSI auth in Windows
> Does this mean that the Windows version is not GSI capable?
As Todd pointed out, that is correct. The next best thing would be
to use SSL.
I've given tutorials in the past for setting up Condor using SSL, but those
have generally assumed that you are on a Linux machine that has the command
line program "openssl" installed.
If you use a Linux machine to generate your certificates, there shouldn't
anything particularily special about then using those certificates on a
installation of Condor.