[Condor-users] dear condor users!
- Date: Wed, 4 Apr 2012 02:26:23 -0700
- From: muluken sholaye <mulesho2490@xxxxxxxxx>
- Subject: [Condor-users] dear condor users!
It might be horrible, but I need your help!
I am currently using Condor 7.6.6. The pool I have contains about 42 execution nodes running mostly Windows 7 and a central manager running Redhat Linux server edition (latest release). The pool had been in a good status until I tried to apply SSL security infrastructure. The SSL entries I used in the global config files are:
SEC_DEFAULT_AUTHENTICATION = REQUIRED
SEC_DEFAULT_AUTHENTICATION_METHODS = SSL
SEC_DEFAULT_ENCRYPTION = REQUIRED
SEC_DEFAULT_CRYPTO_METHODS = BLOWFISH
AUTH_SSL_CLIENT_CAFILE = /TEST/root-ca.crt
AUTH_SSL_CLIENT_CERTFILE = /TEST/admin-PC.crt
AUTH_SSL_CLIENT_KEYFILE = /TEST/admin-PC.key
AUTH_SSL_SERVER_CAFILE = /TEST/root-ca.crt
AUTH_SSL_SERVER_CERTFILE = /TEST/admin-PC.crt
AUTH_SSL_SERVER_KEYFILE = /TEST/admin-PC.key
CERTIFICATE_MAPFILE = /TEST/condor_mapfile
where I used OpenSSL to generate the certificates.
My mechanism is actually that a self-signed central manager will get a request from each node and will sign for approval if appropriate. I thought sharing the same key for the entire pool and using that key for authentication quite ridiculous. The problem I got is that when I try to submit a job I get an error:
>>condor_submit submitfile
Submitting job(s)
ERROR: Failed to connect to local queue manager
SECMAN:2007:could not receive post_auth_info.
For the files already in the queue, I tried to find out what is wrong:
>>condor_q -debug
04/04/12 06:18:09 Trying to connect.
04/04/12 06:18:09 SSL: trying to continue reading.
04/04/12 06:18:09 Trying to connect.
04/04/12 06:18:09 SSL: trying to continue reading.
04/04/12 06:18:09 Receive message.
04/04/12 06:18:09 Trying to connect.
04/04/12 06:18:09 SSL: trying to continue reading.
04/04/12 06:18:09 Trying to connect.
04/04/12 06:18:09 SSL: trying to continue reading.
04/04/12 06:18:09 Receive message.
04/04/12 06:18:09 Trying to connect.
04/04/12 06:18:09 post_connection_check.
04/04/12 06:18:09 Returning SSL_get_verify_result.
04/04/12 06:18:09 SSL: continue read/write.
04/04/12 06:18:09 Receive message.
04/04/12 06:18:09 Status: c: 2, s: 4
04/04/12 06:18:09 Status: c: 4, s: 4
04/04/12 06:18:09 ZKM: Parsing map file.
04/04/12 06:18:09 ZKM: 1: attempting to map '/C=ET/ST=AA/O=INSA/OU=IAD/CN=admin-PC/emailAddress=admin-PC@localdomain'
04/04/12 06:18:09 ZKM: 2: mapret: 1 included_voms: 0 canonical_user:
04/04/12 06:18:09 ZKM: did not find user .
The content of the map file is:
SSL "C=ET, ST=AA, O=INSA, OU=IAD, CN=admin-PC/emailAddress=admin-PC@localdomain" Central-manager@localdomain
I thought the format is Authentication_method source_DN mapped user.
The shadowlog and scheddlog show the same information described above under condor_q -debug.
Any ideas, please?
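
Added example, not part of the original post: a Python check that compares the DN printed in the condor_q -debug output with the name field of the quoted map file line. It assumes the name field is compared against the DN exactly as the log prints it (an assumption about the matcher, which this page does not document); all function names are hypothetical.

```python
import re
import shlex

# Constructed sample input: lines copied from the debug output and map file in the post.
DEBUG_LOG = """\
04/04/12 06:18:09 ZKM: Parsing map file.
04/04/12 06:18:09 ZKM: 1: attempting to map '/C=ET/ST=AA/O=INSA/OU=IAD/CN=admin-PC/emailAddress=admin-PC@localdomain'
04/04/12 06:18:09 ZKM: did not find user .
"""
MAPFILE = ('SSL "C=ET, ST=AA, O=INSA, OU=IAD, CN=admin-PC/emailAddress='
           'admin-PC@localdomain" Central-manager@localdomain\n')

def logged_dns(log_text):
    """Return every DN the daemon reported it was trying to map."""
    return re.findall(r"attempting to map '([^']*)'", log_text)

def parse_mapfile(text):
    """Yield (method, name, canonical_user) for each three-field line."""
    for line in text.splitlines():
        fields = shlex.split(line, comments=True)
        if len(fields) == 3:
            yield tuple(fields)

def dn_components(dn):
    """Split a slash- or comma-style DN into (attr, value) pairs.
    Simplification: values that themselves contain '/' or ',' are not handled."""
    parts = [p.strip() for p in re.split(r"[/,]", dn) if p.strip()]
    return [tuple(p.split("=", 1)) for p in parts]

def slash_form(dn):
    """Render a DN in the slash-separated style the debug log shows."""
    return "".join("/" + "=".join(c) for c in dn_components(dn))

def diagnose(log_text, mapfile_text, method="SSL"):
    """Classify each map entry against each logged DN."""
    results = []
    for dn in logged_dns(log_text):
        for m, name, user in parse_mapfile(mapfile_text):
            if m.upper() != method:
                continue
            if name == dn:
                verdict = "exact"
            elif dn_components(name) == dn_components(dn):
                verdict = "same-dn-different-format"
            else:
                verdict = "no-match"
            results.append((dn, user, verdict, slash_form(name)))
    return results

if __name__ == "__main__":
    for dn, user, verdict, rewritten in diagnose(DEBUG_LOG, MAPFILE):
        print(f"{verdict}: {user}\n  logged:    {dn}\n  rewritten: {rewritten}")
```

On the lines quoted in the post, the entry names the same DN components as the logged DN but is written in a different string format, so a literal comparison of the two strings fails.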