The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "Tools/Manuals/TS11"
< Tools
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
[[Category:FAQ]] | [[Category:FAQ]] | ||
------ | ------ | ||
Back to [[Manuals | Back to [[Tools/Manuals/SiteProblemsFollowUp|Troubleshooting Guide]] | ||
------ | ------ | ||
| Line 24: | Line 24: | ||
#Is the CA perhaps overridden by a file in your <font face="Courier New,Courier">~/.globus</font> directory? | #Is the CA perhaps overridden by a file in your <font face="Courier New,Courier">~/.globus</font> directory? | ||
#Are the certificate revocation lists (CRLs) up to date? | #Are the certificate revocation lists (CRLs) up to date? | ||
#See also [[Manuals/ | #See also [[Tools/Manuals/TS01|7_authentication_failed]] | ||
#Is the time correct on the client and the server? If the client's time is ahead of the server's time, the service might consider a fresh proxy not yet valid. | #Is the time correct on the client and the server? If the client's time is ahead of the server's time, the service might consider a fresh proxy not yet valid. | ||
Revision as of 08:27, 31 March 2011
Back to Troubleshooting Guide
GRAM Authentication test failure
Full message
$ globus-job-run lxn1184.cern.ch /usr/bin/env GRAM Job submission failed because the connection to the server failed (check host and port) (error code 12) $ globusrun -a -r lxn1184.cern.ch GRAM Authentication test failure: connecting to the job manager failed. Possible reasons: job terminated, invalid job contact, network problems, ...
Diagnosis
The client could not authenticate the service.
Solution
- Is the CA for the service present on the client machine?
- Is it still valid? Check with: openssl x509 -noout -text -in the_CA_file
- Check $X509_CERT_DIR (instead of /etc/grid-security/certificates) if defined.
- Is the CA perhaps overridden by a file in your ~/.globus directory?
- Are the certificate revocation lists (CRLs) up to date?
- See also 7_authentication_failed
- Is the time correct on the client and the server? If the client's time is ahead of the server's time, the service might consider a fresh proxy not yet valid.