| New certificate for globus fails | jlowey | 2011-10-26 10:53 |
| Status: Closed | ||
Brian, I am taking a look at this issue and get the following errors when running the openssl command, however I did run all the tests in the WS-GRAM testing and it was successful with all of those. Note the results of the openssl command are different from the results Ashoka posted above.. I am not sure if there were any changes to the server since those original results were posted. Please let me know how we should proceed. Thanks, James Lowey [labkey@medusa globus_test]$ openssl s_client -connect medusa.tgen.org:8443 CONNECTED(00000003) depth=0 /O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=host/medusa.tgen.org verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=host/medusa.tgen.org verify error:num=27:certificate not trusted verify return:1 depth=0 /O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=host/medusa.tgen.org verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=host/medusa.tgen.org i:/O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=Globus Simple CA --- Server certificate -----BEGIN CERTIFICATE----- MIICUzCCAbygAwIBAgIBATANBgkqhkiG9w0BAQQFADBiMQ0wCwYDVQQKEwRHcmlk MRMwEQYDVQQLEwpHbG9idXNUZXN0MSEwHwYDVQQLExhzaW1wbGVDQS1tZWR1c2Eu dGdlbi5vcmcxGTAXBgNVBAMTEEdsb2J1cyBTaW1wbGUgQ0EwHhcNMTEwOTI5MjIw NzE5WhcNMTIwOTI4MjIwNzE5WjBmMQ0wCwYDVQQKEwRHcmlkMRMwEQYDVQQLEwpH bG9idXNUZXN0MSEwHwYDVQQLExhzaW1wbGVDQS1tZWR1c2EudGdlbi5vcmcxHTAb BgNVBAMTFGhvc3QvbWVkdXNhLnRnZW4ub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GN ADCBiQKBgQDriVfoRA7z8MxQ3FinxVr9FXQSItAvi791PtQROUQu7KHnkaLc2dvr veQeweQTRBvo7ZurTECgJY62XwYla+8oUFy0UxUJBMyTRYNnN1xacoSuQd+yfRMu 6qFtJj+5aWlFZUsYuWQSo0isFzTGcFs3ARC5VawjoUCJaVv9LLv7VQIDAQABoxUw EzARBglghkgBhvhCAQEEBAMCBPAwDQYJKoZIhvcNAQEEBQADgYEAVomYIE5owLdw StAYFZfp3QOGPGgBy11qhx6UQvx5rwSyKtxwP/Ljw7LfqCmk9XwYfz5VJO5A9dMz 0c92SwOD+ZiqT4J8vT9Zs3ZPQ7CidcaIORvx43BUbj/0VG+jipBIC/vjfWjlgRLb LhCiOmZ8+EtWH0xKTdoD+MO6jfzClkw= -----END CERTIFICATE----- subject=/O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=host/medusa.tgen.org issuer=/O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=Globus Simple CA --- Acceptable client certificate CA names /O=Grid/OU=GlobusTest/OU=simpleCA-medusa.tgen.org/CN=Globus Simple CA --- SSL handshake has read 893 bytes and written 337 bytes --- New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA Server public key is 1024 bit Compression: NONE Expansion: NONE SSL-Session: Protocol : SSLv3 Cipher : DES-CBC3-SHA Session-ID: 1E64BEFE629633BE91AA6C9256DE0E80780859A3F4BEF2B01E77CB7CF6B3A50C Session-ID-ctx: Master-Key: DAD653B0CFD5ED8229D868613C1EE951140F52A85E8332D9B21540A674DFFD2410CDDCB7A1202D1945D9 B08898ADBF70 Key-Arg : None Krb5 Principal: None Start Time: 1319651400 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) --- HTTP/1.1 404 Content-Type: text/xml; charset=utf-8 Transfer-Encoding: chunked Connection: close 3a8 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3 .org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <soapenv:Body> <soapenv:Fault> <faultcode>soapenv:Server.userException</faultcode> <faultstring>java.io.IOException: Unexpected end of stream</faultstring> <detail> <ns1:stackTrace xmlns:ns1="http://xml.apache.org/axis/">java.io.IOException: Unexpected end of s tream at org.globus.wsrf.container.ServiceThread.parseHeaders(ServiceThread.java:824) at org.globus.wsrf.container.ServiceThread.process(ServiceThread.java:330) at org.globus.wsrf.container.GSIServiceThread.process(GSIServiceThread.java:153) at org.globus.wsrf.container.ServiceThread.run(ServiceThread.java:291) </ns1:stackTrace> <ns2:hostname xmlns:ns2="http://xml.apache.org/axis/">medusa</ns2:hostname> </detail> </soapenv:Fault> </soapenv:Body> </soapenv:Envelope> 0 read:errno=104 |
||