Whole site: Host certificate update

Introduction

Updating the host certificate in /etc/grid-security is not always sufficient: some services have a copy of this certificate which they started with. It is therefore necessary to update those copies and restart these services.

This page tends to sum up services which need to be restarted.

Copies location and rights

Copies of certificate are in general with the following rights:

  • 644 for public key (hostcert.pem)
  • 600 for the private key (hostkey.pem)

Generally you can easily find the location using locate unix command:

locate hostcert.pem
locate hostkey.pem

but for some services they change the file name like:

  • tomcat-cert.pem
  • tomcat-key.pem

usually you can find the host certificate and key in /etc/grid-security or in a sub directory named like the services (voms, storm, dpm, ...)

Services to be restarted

CREAM-CE

  • tomcat5
  • globus-gridftp

lcg-CE

  • globus-gatekeeper
  • globus-gridftp

SE StoRM

  • storm-backend, storm-frontend, storm-checksum
  • globus-gridftp

SE DPM

  • dpm, dpmcopyd, dpm-gsiftp, dpm-httpd, dpnsdaemon
  • srmv1, srmv2, srmv2.2
  • globus-gridftp

VOMS

  • tomcat5
  • voms

WMS

  • gLite


This topic: IGIRelease > WebTopMenu > UseCases > HostCertificateUpdate
Topic revision: r3 - 2012-07-19 - CristinaAiftimiei
 
This site is powered by the TWiki collaboration platformCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback