Hi,
Not clear if this is a problem with our Argus configuration, or with our HTCondor-CE, but when trying to submit jobs to our HTCondor-CE remotely I see:
tail /var/log/condor-ce/SchedLog
12/03/19 17:41:45 (D_SECURITY) ZKM: 1: attempting to map 'DN'
12/03/19 17:41:45 (D_SECURITY) ZKM: 2: mapret: 0 included_voms: 1 canonical_user: GSS_ASSIST_GRIDMAP
12/03/19 17:41:45 (D_ALWAYS:2) ZKM: successful mapping to GSS_ASSIST_GRIDMAP
12/03/19 17:41:45 (D_SECURITY) Using Globus mapping result from the cache.
12/03/19 17:41:45 (D_SECURITY) Globus-based mapping failed; will use gsi@unmapped.
12/03/19 17:41:45 (D_SECURITY) ZKM: 1: attempting to map '/DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=smh/CN=673716/CN=Stewart Martin-Haugh,/atlas/Role=NULL/Capability=NULL,/atlas/lcg1/Role=NULL/Capability=NULL,/atlas/uk/Role=NULL/Capability=NULL'
12/03/19 17:41:45 (D_SECURITY) ZKM: 2: mapret: 0 included_voms: 1 canonical_user: GSS_ASSIST_GRIDMAP
12/03/19 17:41:45 (D_ALWAYS:2) ZKM: successful mapping to GSS_ASSIST_GRIDMAP
12/03/19 17:41:45 (D_SECURITY) Using Globus mapping result from the cache.
12/03/19 17:41:45 (D_SECURITY) Globus-based mapping failed; will use gsi@unmapped.
With GSI_PEP_CALLOUT_DEBUG_LEVEL increased to 9:
2019-12-03 17:26:01 DEBUG: pep_authorize: PEP#1: encoding base64 output...
2019-12-03 17:26:01 ÂINFO: pep_authorize: PEP#1 sending XACML request to:
https://argus.server:8154/authz* About to connect() to argus.server port 8154 (#1)
* Â Trying 130.246.181.45...
* Connected to argus.server ($IP_ADDRESS) port 8154 (#1)
* failed to load '/etc/grid-security/certificates/c7cad089.signing_policy' from CURLOPT_CAPATH
...
* Â CAfile: /etc/pki/tls/certs/ca-bundle.crt
 CApath: /etc/grid-security/certificates
* unable to load client key: -8178 (SEC_ERROR_BAD_KEY)
* NSS error -8178 (SEC_ERROR_BAD_KEY)
* Peer's public key is invalid.
* Closing connection 1
2019-12-03 17:26:01 ERROR: pep_authorize: PEP#1 sending XACML request to
https://argus.server:8154/authz failed: curl[58] Problem with the local SSL certificate.
Cheers,
Stewart
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}