Nel caso in cui sia il client ad avere CRL scadute per la CA che ha rilasciato il certificato del server viene indicato chiaramente
il problema
Failed to establish security context :
GSS Major Status: Authentication Failed
GSS Minor Status Error Chain:
init.c:264: globus_gss_assist_init_sec_context: Error during context initialization
init_sec_context.c:187: gss_init_sec_context: Unable to verify remote side's credentials
globus_i_gsi_gss_utils.c:898: globus_i_gsi_gss_handshake: SSLv3 handshake problems: Couldn't do ssl handshake
OpenSSL Error: s3_clnt.c:836: in library: SSL routines, function SSL3_GET_SERVER_CERTIFICATE: certificate verify failed
globus_gsi_callback.c:349: globus_i_gsi_callback_handshake_callback: Could not verify credential
globus_gsi_callback.c:466: globus_i_gsi_callback_proxy_verify: Could not verify credential
globus_gsi_callback.c:717: globus_i_gsi_callback_check_revoked: Invalid CRL: The available CRL has expired
ed il server riporta soltanto un messaggio di read failure
Failed reading length 0
Failed to establish security context :
globus_gss_assist token :3: read failure: Connection closed
|