[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] GSI auth in Windows

I found Zach's tutorial extremely useful for setting up SSL in a Windows pool. There is not a whole lot that is different, but there are many methods to accomplish setting up SSL CA, certs, keys, etc. If you follow Zach's setup you will have a set of instructions to refer to and I highly recommend this if you are not familiar with SSL. I can also provide you help with this if you would like. If needed I can also throw together my notes and pass this information along. I also developed a python script that automates the generates of keys and certs (after the CA is setup) because I was implementing a strict security policy where each machine required their own key--a bit of an overkill but developing this code has saved me a tremendous amount of time.


From: Zachary Miller <zmiller@xxxxxxxxxxx>
To: Condor-Users Mail List <condor-users@xxxxxxxxxxx>
Date: 08/17/2012 07:43 AM
Subject: Re: [Condor-users] GSI auth in Windows
Sent by: condor-users-bounces@xxxxxxxxxxx

> Does this mean that the Windows version is not GSI capable?

As Todd pointed out, that is correct.  The next best thing would be to use SSL.

I've given tutorials in the past for setting up Condor using SSL, but those
have generally assumed that you are on a Linux machine that has the command
line program "openssl" installed.

If you use a Linux machine to generate your certificates, there shouldn't be
anything particularily special about then using those certificates on a Windows
installation of Condor.

Perhaps at the next Condor week, I can do a Linux/Windows cross-platform
tutorial for setting up SSL and/or Kerberos.  In the meantime, I would create
your SSL certs on a Linux machine and then follow the configuration mentioned


Condor-users mailing list
To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting

The archives can be found at: