[HTCondor-users] condor 8.x and authentication woes

[Keith Brown <keith6014@xxxxxxxxx>]

I have been a long time condor 6 & 7 user and decided to give v8 a try
in our lab. Installation was done thru a RPM, RHEL 7.6.

I have 2 nodes: r1 (COLLECTOR, MASTER, NEGOTIATOR, SCHEDD, STARTD). r2
(MASTER, STARTD).  I am able to start everything up but on r2 I keep
seeing

 07/01/19 21:35:14 SECMAN: FAILED: Received "DENIED" from server for
user unauthenticated@unmapped using method (no authentication).
07/01/19 21:35:14 ERROR: SECMAN:2010:Received "DENIED" from server for
user unauthenticated@unmapped using method (no authentication).

I am tempted to go "CLAIMTOBE" route. Instead, I looked into SSL
because that seems to be recommended but getting it to work is very
hard.


I have followed,
http://research.cs.wisc.edu/htcondor/CondorWeek2011/presentations/zmiller-ssl-tutorial.pdf
and https://indico.cern.ch/event/272794/contributions/614951/attachments/490442/677973/MillerZ-Securing.pdf
https://www-auth.cs.wisc.edu/lists/htcondor-users/2010-January/msg00228.shtml

Is there an simplier version of the SSL setup? Has anyone gotten a
simple SSL setup to work?

The documention,https://htcondor.readthedocs.io/en/v8_8_3/admin-manual/security.html,
should include a quick start for SSL. Otherwise, I think everything
will go with claimedtobe and make instances insecure.