Table of contents
June 2024
Accounting records from ARC-CE 6.19 rejected
The Accounting repository rejected messages containing your (RO-14-ITIM) usage records as they are publishing v0.4 of the message format that the repository does not yet support. (The ARC developers were a bit quick off the mark in deprecating the old format.)
- This happens with ARC-CE 6.19
- The work around is to replace the AccountingPublishing.py file in ARC with the previous one.
- The file is available online: https://source.coderefinery.org/nordugrid/arc/-/blob/182e4f572fcac98909bd2476702c7ea90c533c7a/src/utils/python/arc/control/AccountingPublishing.py .
- This essentially reverts https://source.coderefinery.org/nordugrid/arc/-/commit/0af9b845a5d30d2faf6c9c044ded7fc03b06446d .
- Once done that, sites should republish for any missing data.
- The next version of ARC 6.20 coming soon should revert the default.
- Created an entry in the KEDB:
- EGIKEDB-18 - Getting issue details... STATUS
GridFTP client errors on Rocky and Alma 9 with SHA-1 certificates
- there is a mismatch between the default security policies of RHEL 9 + derivatives and the use of SHA-1 by a number of CAs in IGTF.
- RHEL 9 + derivatives and other recent Linux versions come with OpenSSL v3, which disables a number of legacy algorithms. In addition, RHEL 9 + derivatives disable SHA-1 by default.
- Unfortunately, SHA-1 is still used in root certificates of various CAs.
- Re-issuing a root certificate is a non-trivial, expensive process in IGTF.
- The workaround is to run:
update-crypto-policies --set DEFAULT:SHA1 - Created an entry in the KEDB:
- EGIKEDB-19 - Getting issue details... STATUS