Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "EGI-InSPIRE:JRA1 SHA2 Readiness"

From EGIWiki
Jump to navigation Jump to search
Line 41: Line 41:


== GGUS ==
== GGUS ==
No problems with SHA2 user certs on GGUS.

Revision as of 08:39, 22 March 2013

Operational Tools SHA2 Support Status

GOCDB

  • We have tested a SHA2 user cert on GOCDB and no problems.

If using Apache2 - Should be handled by Apache without tool modification. Adding some useful info for other PTs about how to get a SHA2 cert and the CA certs for testing (originally via P.Solagna via D.Groep):

The easiest is to get an instant SHA2 test certificate from CILogon, using their (unaccredited) OpenID provider like Google:

and select "Google" from the list of IdPs. After signing in to Google and typing in a password, you can download a pkcs#12 file with your new certificate and private key (you have ~ 2min to do this). To get the conventional usercert.pem and userkey.pem, use openssl:

 openssl pkcs12 -in myfile.p12 -info -out usercert.pem -nokeys  openssl pkcs12 -in myfile.p12 -info -out userkey.pem -nocerts  chmod 0600 userkey.pem

and give your passphrase a few times ;-) You can install the unaccredited OpenID CA just like the other IGTF CAs, but from the experimental repository:

SAM

SAM uses certificates in following components:

  • Apache 2 - SHA-2 supported natively
  • probes - SHA-2 readiness depends on probes.

Operations Portal

Ok:User authentication using SHA-2 signed certificates has been successfully tested by SA2 verifiers.

Accounting Portal

Ok:User authentication using SHA-2 signed certificates has been successfully tested by SA2 verifiers.

Accounting Repository

Metrics Portal

Ok:User authentication using SHA-2 signed certificates has been successfully tested by SA2 verifiers.

Messaging

GGUS

No problems with SHA2 user certs on GGUS.