Mailing List Archives
Authenticated access
|
|
![[Computer Systems Lab]](http://www.cs.wisc.edu/pics/csl_logo.gif)
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] SSL authentication with WinXP
- Date: Wed, 21 Mar 2007 14:24:18 -0500
- From: Matthew Farrellee <matt@xxxxxxxxxxx>
- Subject: Re: [Condor-users] SSL authentication with WinXP
On Mar 21, 2007, at 11:36 AM, Smith, Ian wrote:
[snip]
AUTH_SSL_SERVER_CAFILE = c:\condor\ssl\ca\signing-ca-1.crt
AUTH_SSL_CLIENT_CAFILE = c:\condor\ssl\ca\signing-ca-1.crt
This should point to a file containing both the root-ca and
signing-ca-1 certificates.
Does that mean I need to concatenate them into one file ?
Yes.
AUTH_SSL_SERVER_CADIR = c:\condor\ssl\ca
AUTH_SSL_CLIENT_CADIR = c:\condor\ssl\ca
Try verifying the certificates using openssl verify.
Not sure how I do that in a >expletive deleted< windows envrionment.
Are there any MS tools or do I near to go and get openssl.
At least for now I think you should use the CAFILE param and ignore
the CADIR. The CADIR needs all sorts of special maintenance...
http://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html
[snip]
matt