LISTSERV 16.5 - XROOTD-L Archives

Hello, Everyone.I checked again today, and I'm contacting you because the cause is somewhere else.The issue was caused by not executing fetch-crl and is now resolved.I'm sorry for inquiring about the no-problem content. Have a great end of the year.Regards,----- Original Message -----From : [log in to unmask] : xrootd-l <[log in to unmask]>Cc : Sent : 2021-12-21 16:53:36Subject : Question about libXrdSecgsiVOMS.soDear XRootD experts,I am currently setting up GSI authentication for XRootD v5.4.0 using SecgsiVOMS.so.I set it as follows using the information on the Internet.However, I am contacting you because the daemon has not started.--- xrootd-public.cfg ---# Enable securityxrootd.seclib /usr/lib64/libXrdSec.so# X509 VOMS security in xroot protocolsec.protparm gsi -vomsfun:/usr/lib64/libXrdSecgsiVOMS.so -vomsfunparms:dbgsec.protocol /usr/lib64 gsi -dlgpxy:1 -exppxy:=creds -ca:1 -crl:3 -gridmap:/dev/null                              #Authorizatoinacc.audit denyacc.authdb /etc/xrootd/auth_fileacc.authrefresh 60ofs.authorize--- End of cfg ------ Error log ---211221 16:38:35 30555 secgsi_GetSrvCertEnt: failed to load certificate for the issuing CA 'ead666c8.0|06769ccd.0'211221 16:38:35 30555 secgsi_Init: problems loading srv cert211221 16:38:35 30555 XrdVomsInit: ++++++++++++++++++ VOMS plug-in +++++++++++++++++++++++++++++++211221 16:38:35 30555 XrdVomsInit: +++ proxy fmt:  raw211221 16:38:35 30555 XrdVomsInit: +++ group option: all of all groups211221 16:38:35 30555 XrdVomsInit: +++ group(s):   <not specified>211221 16:38:35 30555 XrdVomsInit: +++ VO(s):    all211221 16:38:35 30555 XrdVomsInit: +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++211221 16:38:35 30555 secgsi_LoadVOMSFun: using 'XrdSecgsiVOMSFun()' from /usr/lib64/libXrdSecgsiVOMS.so211221 16:38:35 30555 secgsi_Init: Secgsi: ErrInit: unable to generate ca cert hash list!Secgsi: ErrInit: unable to generate ca cert hash list!Config Failed to load gsi authentication protocol!---- End of log ----The host certificate I am using is KISTIv3 certificate, and the certificate refers to the same file in both ead666c8.0 and 06769ccd0 files.[root@cms-xrdr public]# ls -l /etc/grid-security/certificates/ead666c8.0lrwxrwxrwx. 1 root root 11 Dec 21 15:27 /etc/grid-security/certificates/ead666c8.0 -> KISTIv3.pem[root@cms-xrdr public]# ls -l /etc/grid-security/certificates/06769ccd.0lrwxrwxrwx. 1 root root 11 Dec 21 15:27 /etc/grid-security/certificates/06769ccd.0 -> KISTIv3.pemDue to 2 certificates are pointed out at the same time (read666c8.0|06769ccd.0), we are contacting you because we suspect that the problem was caused by not being properly taken.I would like to hear good opinions from those who have experienced similar problems as above.Thank you.Regards,

########################################################################
Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-L list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1