[ogsa-hpcp-wg] HPC Basic Profile Compliance Tester support for client authentication using X509
Glenn Wasson
wasson at virginia.edu
Tue Oct 30 14:15:31 CDT 2007
All,
I have added support to allow the HPC Basic Profile Compliance
Tester to identify clients via X.509 (instead of just username/password).
The service's URL is
https://opteron4.cs.virginia.edu:45885/FormServerTemplates/HPCBasicProfileCo
mplianceTester.aspx.
On the left hand side, you will now see a radio button labeled "Client
authentication". It has 2 options, "Username/password" and "X.509". If you
select "Username / password", the username and password boxes will function
as before. If you select "X.509", then those boxes will be disabled and the
compliance tester will attempt to make a mutually-authenticated SSL
connection to your service.
The certificate that the compliance tester uses is available at
http://www.cs.virginia.edu/~gsw2c/HPCBasicProfileComplianceTesterCert.pem.
If you want to test your service's X.509 authentication, download and
install this cert where ever it needs to go so that your service will trust
the HPCBP Compliance tester. This is a self-signed cert that will expire
about a week after SuperComputing.
Please let me know if you have problems.
Glenn
More information about the ogsa-hpcp-wg
mailing list