CILogon Certificate for TRANSP Production

(known as FusionGrid Certificate or OSG Certificate)

On May 31,2018 the OSG will be retiring the Certificate Authority (CA) service as well as their VOMS (Virtual Organization Membership Service)

Certificate signed by CILogon should be stored on your computer that you will run TRANSP from in $HOME/.globus

I. To get CILogon Certificate:

1. Go to: CILogon
   
   
2. Select "Identity Provider" (IdP):
   -Princeton employees can use "Princeton University"
   -MIT employees can - "Massachusetts Institute of Technology"
   -any other Institution (from CILogon IdP list) you have an account with
   "University of Padova","EPFL - EPF Lausanne","Lehigh University",
   "INFN - National Institute for Nuclear Physics","Columbia University",
   -or "Google", "GitHub" account.
3. Obtain the new certificate by entering a password. Remember this password - you need it later to extract the Certificate.
4. Download certificate.
5. On the computer that you will run TRANSP from, place the certificate in $HOME/.globus/ directory. If the directory is not there, then create it.
6. Run the following commands from inside the $HOME/.globus/ directory (you will need to enter the same password as the CILogon )
   
   openssl pkcs12 -in usercred.p12 -out userkey.pem -nodes -nocerts
   openssl pkcs12 -in usercred.p12 -out usercert.pem -nodes -clcerts -nokeys
   chmod 644 usercert.pem
   chmod 400 userkey.pem
   To authenticate with the new Certificate (let's say for 264 hours) run the following command:
   grid-proxy-init -hours 264
   this command should return
   
   Your identity: /DC=org/DC=cilogon/C=US/O=.../CN=..user-name... ID#
   Creating proxy ........................................... Done
   Your proxy is valid until: ...Date and time..
   
   
7. Once you authenticated with the new Certificate please email to Marina Gorelenkova (mgorelen@pppl.gov)
   • name and email address of your sponsor (a person familiar with TRANSP and is willing to help you TRANSP runs)
   • your identity: /DC=org/DC=cilogon/C=US/O=.../CN=..user-name... ID#
8. Any problems or suggestions related to CILogon Certificate please email to Marina Gorelenkova (mgorelen@pppl.gov)

   Links:
   

   Importing User Certificate for Command Line Use

   Getting a Certificate from CILogon

   To submit ticket to Open Science Grid help desk

   ---

   Home