[HTCondor-users] SOAP SSL

[Jeffrey Phillips <jeffphil@xxxxxxxxx>]

I was able to get SSL authentication setup and SOAP services over SSL successfully working on a Windows cluster with HTCondor version 8.2.4.

However, I found that the <subsys> config options documented in 3.3.30 section of documentation did not seem to exist. And the Â<SUBSYS>_SOAP_SSL_PORTÂoption is necessary. Without it you can't statically set the port number, since the schedd ssl soap service won't be able to bind to the same port as Collector from the base non-subsys SOAP_SSL_PORT option.

For me, I ended up addingÂsubsys + "_SOAP_SSL_PORT"Âback to the 8.2.4 code and compiling based on this check-in where it was last seen in 2010:

https://htcondor-wiki.cs.wisc.edu/index.cgi/fileview?f=src/condor_daemon_core.V6/soap_core.cpp&v=8935edcf622a0397660f4605f54a0afcb3fc5106

Not sure if Âa branch merge trumped the options. But seems important enough to get added back into base. And the documentation is all already there to support it. Â;)

Long-term, it may make sense to use a single controller SOAP SSL socket for both Collector and Schedd, like the non-SSL SOAP services do.

Thanks again for all the hard work and great product.

-jeffrey