XRootD pre-4.9.0 clients reject long-lived x509 certificates!
XRootD GSI clients prior to release 4.9.0 suffer from the UNIX Y2K
problem (see https://en.wikipedia.org/wiki/Year_2038_problem).
This means that certificates that expire past 2038 cannot be verified and
will be rejected; causing authentication to fail. This most frequently
happens with CA certificates that have a long lifetime.
There are only two solutions to this problem:
o Update your clients to at least version 4.9.0, or
o get a certificate with an expiration date prior to 2038 until your
clients have migrated to a supported release.
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-L list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1
|