Managing Certificates or Getting Certs Quickly - PowerPoint PPT Presentation

1 / 5
About This Presentation
Title:

Managing Certificates or Getting Certs Quickly

Description:

But what if you need a large number of certificates for your cluster? ... some special requirements and is probably only worth using for 10 certificates. ... – PowerPoint PPT presentation

Number of Views:33
Avg rating:3.0/5.0
Slides: 6
Provided by: dougl228
Category:

less

Transcript and Presenter's Notes

Title: Managing Certificates or Getting Certs Quickly


1
Managing Certificates or Getting Certs Quickly
  • Tim Silvers
  • Site Admin Meeting Dec. 12-13, 2007
  • Special thanks to Doug Olson for providing some
    slides.

2
Obtaining Certificates
  • Web browser
  • http//pki1.doegrids.org/ca/
  • VDT certificate scripts
  • VDT_LOCATION/cert-scripts/bin/
  • More info available from the OSG Twiki gt
    Documentation Hub gt
  • How do I maintain a DOEGrids PKI/X509 Personal
    Certificate?
  • Note Unless youre obtaining a personal cert,
    use a permanent address for the facility and not
    a personal email address to make the request.
  • But what if you need a large number of
    certificates for your cluster? Is there a faster,
    more efficient way?!!

3
Bulk issuance of certificates
  • multi-cert-gridadmin script provides functions
    for generating multiple certificate requests and
    submitting them via the GridAdmin interface for
    immediate issuance.
  • https//twiki.grid.iu.edu/twiki/bin/view/Security/
    CSReadMemulti_cert_gridadmin
  • Has some special requirements and is probably
    only worth using for gt 10 certificates.
  • Check with Doug Olson (dlolson_at_lbl.gov) if you
    are interested or have questions.

4
Get em quick!
  • GridAdmin interface allows immediate issuance of
    host/service certificates
  • Authorized by your personal certificate
  • Request by sending email to osg-ra_at_opensciencegri
    d.orghttps//twiki.grid.iu.edu/twiki/bin/view/Sec
    urity/OsgRaOperationsLetter_requesting_GridAdmin_
    priv
  • Both web and script interface
  • cert-gridadmin -host ltFQDNgt -service ltservice
    namegt \-email ltaddressgt -vo ltvirtual
    organizationgt -affiliation ltRAgt
  • -service is optional
  • ltRAgt OSG

5
Subscriber Obligations(subscriber person who
requests/receives certificate)
  • From the Certificate Policy and Certification
    Practice Statement (CP/CPS) http//www.doegrids.or
    g/Docs/CP-CPS.pdf
  • Notify DOE GRIDS PKI immediately of any security
    incidents. Notification shall occur within the
    first 12 hours of initial knowledge of incident.
    (See sections 1.4 and 2)
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Managing Certificates or Getting Certs Quickly" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!