Getting a Grid Certificate

From GlueXWiki
Revision as of 11:54, 11 May 2017 by Jonesrt (Talk | contribs)

Jump to: navigation, search
  • Follow the step-by-step instructions for requesting a certificate at https://oim.grid.iu.edu/oim/certificaterequestuser
  • For your Sponsor select "Gluex" from the pulldown list.
  • In the Sponsor text box, give the name of the GlueX collaboration contact person for your group.
  • You will get a request ID for tracking purposes.
  • Navigate to the cilogon CA web site and install the trusted root certificates for the cilogon CA. You can do this in your browser by clicking on the link after "CA Certificate". You want both the cilogon Root CA and cilogon CA-1. Either the "pem" (unix style) or the "der" (windows style) links should be recognized by your browser, but you only need one of them, not both. When prompted, click "Install". You don't need anything except the CA Certificates for the cilogon Grid-Only Trust CAs.
  • You should receive an email back from OSG-PKI within three working days informing you that your certificate is ready, and giving instructions for how to retrieve it.
  • Install the new certificate into your favorite browser(s). It should be easy to figure out how to do this, and if not, plenty of help on this topic is available on the web for your particular browser. You may look here for guidance on how to install certificates into Safari.
  • Navigate to the Gluex VOMS web service and fill out the form to register as a new Gluex user.
  • Within one working day, the Gluex VOMS admin should respond to your request and grant you membership.
  • Verify that your new certificate is fully authorized on the OSG as a member of the Gluex VO by trying the following command in the unix shell where you installed your certificate. You will be prompted to enter the password that you specified when you created the certificate.
voms-proxy-init -voms Gluex:/Gluex

The above command may succeed and still print a error message about not being able to verify the AC of the voms server. If you see that message, don't worry about that right now. It reflects a small issue with your OSG client configuration. Instructions for diagnosing and repairing the problem are found on Using the Grid.