[gin] VOMS (Admin) server certificate changed for kuiken.nikhef.nl (hosting GIN and other VOs)

David Groep davidg at nikhef.nl
Wed Dec 5 01:51:48 CST 2007 

Dear all,

Some of you, and in particular the GIN VO, are using the services
provided by Oscar Koeroo on kuiken.nikhef.nl to host your VOMS server.
Due to an unfortunate oversight, the host certificate for this host has
expired yesterday evening.

It has now been updated with a new host certificate (attached below),
but this still means that all of you who rely on the local presence of the
VOMS trust anchor on your systems will have to update their local copy
as well. If you rely on such a local copy, it is typically installed
in /etc/grid-security/vomsdir/.

Those of you relying only on the common name, or using the VOMS-Admin server
to generate grid-mapfiles, are not affected by this change. All relevant
services and the VOMS-Admin interface have been restarted and use the
new certificate as of 08:25 CET this morning.

You can find the new copy of the kuiken.nikhef.nl VOMS certificate at
the end of this email. You can also retrieve it on-line from the following
location:

  https://ca.dutchgrid.nl/medium/query/?id=kuiken.nikhef.nl

In all cases, please verify the integrity of the signatures by retrieving
and verifying the DutchGrid and Nikhef Medium-security CA self-signed
root certificate, e.g. using the TERENA Academic CA Repository at
  https://www.tacar.org/

or directly
  https://www.tacar.org/repos/index.php?action=install&id=83


At the moment, the machine "kuiken" is not part of the Nikhef central
services or monitored infrastructure, which allowed this event to happen.
Evaluation of this event will likely change the status of this system, which
may lead (somewhere in early 2008) to yet another change of certificate.
You will be informed well in advance if and when this will be the case.

	Best regards,
	David Groep
	(acting as Oscar Koeroo at the moment...)

Certificate:
    Data:
        Serial Number: 1623 (0x657)
        Issuer: C=NL, O=NIKHEF, CN=NIKHEF medium-security certification auth
        Validity
            Not Before: Dec  5 00:00:00 2007 GMT
            Not After : Dec  4 08:05:35 2008 GMT
        Subject: O=dutchgrid, O=hosts, OU=nikhef.nl, CN=kuiken.nikhef.nl

-----BEGIN CERTIFICATE-----
MIIElTCCA32gAwIBAgICBlcwDQYJKoZIhvcNAQEFBQAwUjELMAkGA1UEBhMCTkwx
DzANBgNVBAoTBk5JS0hFRjEyMDAGA1UEAxMpTklLSEVGIG1lZGl1bS1zZWN1cml0
eSBjZXJ0aWZpY2F0aW9uIGF1dGgwHhcNMDcxMjA1MDAwMDAwWhcNMDgxMjA0MDgw
NTM1WjBTMRIwEAYDVQQKEwlkdXRjaGdyaWQxDjAMBgNVBAoTBWhvc3RzMRIwEAYD
VQQLEwluaWtoZWYubmwxGTAXBgNVBAMTEGt1aWtlbi5uaWtoZWYubmwwgZ8wDQYJ
KoZIhvcNAQEBBQADgY0AMIGJAoGBAO8h14yXKTkA3XN4J5LUol97yl3N4ePc19N+
rtWk6R6DYyDxIOnmiumrlNCxeEtIXBNjUM4w9Sf9wfU1qcvL3gIoqV/9CGmlSGNF
V5it5qzilZo8D4dCjP/H/Yca22gk+GxCsZvSP6GMG2sSWvXkZ5BEgjcKRzTI4TC2
SfDsd+qvAgMBAAGjggH2MIIB8jAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIE
sDAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMDgGA1Ud
HwQxMC8wLaAroCmGJ2h0dHA6Ly9jYS5kdXRjaGdyaWQubmwvbWVkaXVtL2NhY3Js
LmRlcjAoBgNVHSAEITAfMA8GDSsGAQQB0UIEAgIBAwEwDAYKKoZIhvdMBQICATAf
BgNVHSMEGDAWgBRbBTqZxtUivf2UgPwRqNDxcdZLpDAdBgNVHQ4EFgQUGJ8fJyM3
6mKyPgdoi4Pi3odinO4wEQYJYIZIAYb4QgEBBAQDAgXgMDQGCWCGSAGG+EIBCAQn
FiVodHRwOi8vY2EuZHV0Y2hncmlkLm5sL21lZGl1bS9wb2xpY3kvMIGeBglghkgB
hvhCAQ0EgZAWgY1FRUMgaXNzdWVkIHVuZGVyIFBvbGljeSB2ZXJzaW9uIDMuMSAt
IGxpbWl0ZWQgbGlhYmlsaXRpZXMgYXBwbHksIHNlZSBodHRwOi8vY2EuZHV0Y2hn
cmlkLm5sL21lZGl1bS9wb2xpY3kvIC0gQ2VydGlmaWNhdGUgVGFnOiA0MDliZDdh
Ni1lZjIxZDcwGwYDVR0RBBQwEoIQa3Vpa2VuLm5pa2hlZi5ubDANBgkqhkiG9w0B
AQUFAAOCAQEAoKXqLclxxUnWZg9mb3ve/HQNQqAjI8ryT3FKO/hUEtZNlDeXDhrA
hWgS1EHiH5BW+50LdilgoZTLKluedEMpWQ6a+DbI+uBbtAiiuBl4ja0XxcU7YBx3
HRL5ohUKDlKPlKg631x+6/3gpj38tyxAsPk1rkpt3cicDdWHlOHbJKenyDYjNqya
wdxB66F0pgdNRBJAlEdVUfGMR9K65qc4WIomQ9iRKkKcKIMpHy96xhTq0yc+rXvF
oLamahMO4H1g3AsO1ej+mTYHz7WGWcFp62izylex4HWtdaI3yAFeOclN+7iRmlPM
MmY5xB384ZJG3XWR7PtqaUy1kX3zQAvVVg==
-----END CERTIFICATE-----


-- 
David Groep

** National Institute for Nuclear and High Energy Physics, PDP/Grid group **
** Room: H1.56 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3458 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.ogf.org/pipermail/gin/attachments/20071205/1e61f269/attachment.bin

More information about the gin mailing list