Good Morning Facing an issue when using xrdcp in conjunction with GSI security. Setup: Server : Runs xrootd process and has access rights to a backend CEPH cluster Client : Used to generate proxy certificate (voms-proxy-init), and run the xrdcp Both server and client have the /etc/vomses and /etc/grid-security/certificates folder setup for the VO's. Step 1) Server: xrootd process on the host is configured for GSI security xrootd.seclib /usr/lib64/libXrdSec.so sec.protparm gsi -vomsfun:libXrdVoms.so -vomsfunparms:certfmt=pem|grpopt=useall|dbg sec.protocol gsi -dlgpxy:request -exppxy:=creds -crl:require -certdir:<dir location> -cert:<host cert location> -key:<host key location> -gridmap:<gridmap file location> -gmapopt:trymap -d:3 sec.protbind * only gsi Step 2) Client: voms-proxy-init --voms <vo name> is used to generate a VOMS proxy and certificate is generated successfully after contacting VO bash-4.2$ voms-proxy-init --voms dteam Enter GRID pass phrase for this identity: Contacting voms2.hellasgrid.gr:15004 [/C=GR/O=HellasGrid/OU=hellasgrid.gr/CN=voms2.hellasgrid.gr] "dteam"... Remote VOMS server contacted succesfully. Created proxy in /tmp/<filename>. Your proxy is valid until Mon Oct 03 23:37:37 BST 2022 Step 3) Client: xrdcp is used to copy a file from the client to the server to write to the dteam VO xrdcp testfile.txt root://<server>/dteam:test/testfile.txt -v --force Step 4) Step 3 fails as follows XrdVomsFun: retrieval FAILED: Cannot verify AC signature! secgsi_Authenticate: VOMS: Entity.vorg: <none> secgsi_Authenticate: VOMS: Entity.grps: <none> secgsi_Authenticate: VOMS: Entity.role: <none> secgsi_Authenticate: VOMS: Entity.endorsements: <none> Any inputs would be much appreciated. If you need more information, pls let me know Thanks Vijay This email and any attachments are intended solely for the use of the named recipients. If you are not the intended recipient you must not use, disclose, copy or distribute this email or any of its attachments and should notify the sender immediately and delete this email from your system. UK Research and Innovation (UKRI) has taken every reasonable precaution to minimise risk of this email or any attachments containing viruses or malware but the recipient should carry out its own virus and malware checks before opening the attachments. UKRI does not accept any liability for any losses or damages which the recipient may sustain due to presence of any viruses. ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-L list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1