[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[HTCondor-users] DAGMan struggling with user certificate / pass phrase



Hey,
 
we use SSL for authentication of clients / hosts. All hosts share a host certificate as defined in the local condor config. Every user has an certificate protected by a password. The location is defined by the environment variables "_condor_AUTH_SSL_CLIENT_CERTFILE" , "_condor_AUTH_SSL_CLIENT_KEYFILE" , "_condor_AUTH_SSL_CLIENT_CAFILE"  and "_condor_AUTH_SSL_CLIENT_CADIR" as described in https://lists.cs.wisc.edu/archive/htcondor-users/2014-April/msg00057.shtml .
 
Everything is working fine, but: When we e.g. want to submit a job, condor_submit aks for the PEM pass phrase everytime. A little annoying, but acceptable. However we want to use DAGMan. 
When executing condor_submit_dag, it initially asks for the pass phrase but subsequently does not execute the jobs. Instead its writes the prompt "Enter PEM pass phrase:" into the file "first.dag.lib.err" a few times.
 
So it seems like DAGMan is trying to use the user certificate. Is this working as intended? Do we have to specify the PEM pass phrase somewhere or is it possible to cache it?
 
Best regards,
OC