Difference between revisions of "USG Setting up the UI Environment"

Latest revision as of 14:48, 10 January 2013

Main

EGI.eu operations services

Support

Documentation

Tools

Activities

Performance

Technology

Catch-all Services

Resource Allocation

Security

Documentation menu:

Home •

Manuals •

Procedures •

Training •

Other •

Contact ►

For:

VO managers •

Administrators

<< EGI User Start Guide

You will find how to configure the files, permissions and paths of the UI Environment to provide an optimal environment for Grid use and for running applications on the Grid.

Installing Your Certificate

Once an account on a user interface has been created, the user certificate must be installed. The recommended procedure is to create a directory named .globus under the user home directory to contain your grid credentials. After installation, you can check that it has been done properly with the voms-proxy-init command.

PKCS12 (*.p12) Formatted Certificates

If you have your credential in PKCS12 format (a file with either p12 or pfx extension), then copy your credential to the .globus directory and name the file usercred.p12. You need to change the file permission to make sure only you have access to it:

$ chmod 0400 usercred.p12

The listing of the directory should be similar to:

$ ls -l $HOME/.globus

-r--------    1 doe   xy           2935 Feb  1 10:49 usercred.p12

PEM (*.pem) Formatted Certificates

If you have your credential in PEM format (two files with pem extension) then put the certificate and key files in the .globus directory, naming them usercert.pem and userkey.pem respectively, with global read-only permissions for the former, and owner-read permissions for the latter, like so:

$ chmod 444 usercert.pem
$ chmod 400 userkey.pem

A listing of the directory should be similar to:

$ ls -l $HOME/.globus

-r--r--r--    1 doe      xy           4541 Aug 23  2006 usercert.pem
-r--------    1 doe      xy            963 Aug 23  2006 userkey.pem

@@ Line 7: / Line 7: @@
 ----
-[[Category:Operations_Manuals]]
+You will find how to configure the files, permissions and paths of the UI Environment to provide an optimal environment for Grid use and for running applications on the Grid.
+<div class="sect2" title="Installing Your Certificate"><div class="titlepage"><div><div>
-How to configure the files, permissions and paths of the UI Environment to provide an optimal environment for Grid use and for running applications on the Grid.
+=== Installing Your Certificate  ===
-<div title="Installing Your Certificate" class="sect2"><div class="titlepage"><div><div>
+</div></div></div>
-=== Installing Your Certificate ===
+Once an account on a user interface has been created, the user certificate must be installed. The recommended procedure is to create a directory named <code class="code">.globus</code> under the user home directory to contain your grid credentials. After installation, you can check that it has been done properly with the <code class="code">voms-proxy-init</code> command.
-</div></div></div>
+<div class="sect3" title="PKCS12 (*.p12) Formatted Certificates"><div class="titlepage"><div><div>
-Once an account on a user interface has been created, the user certificate must be installed. The recommended procedure is to create a directory named <code class="code">.globus</code> under the user home directory to contain your grid credentials. After installation, you can check that it has been done properly with the <code class="code">voms-proxy-init</code> command.
+==== PKCS12 (*.p12) Formatted Certificates  ====
-<div title="PKCS12 (*.p12) Formatted Certificates" class="sect3"><div class="titlepage"><div><div>
+</div></div></div>
-==== PKCS12 (*.p12) Formatted Certificates ====
+If you have your credential in <span class="emphasis">''PKCS12 format''</span> (a file with either <code class="code">p12</code> or <code class="code">pfx</code> extension), then copy your credential to the .globus directory and name the file <code class="code">usercred.p12</code>. You need to change the file permission to make sure only you have access to it:
-</div></div></div>
+<pre class="command">$ chmod 0400 usercred.p12</pre>
-If you have your credential in <span class="emphasis">''PKCS12 format''</span> (a file with either <code class="code">p12</code> or <code class="code">pfx</code> extension), then copy your credential to the .globus directory and name the file <code class="code">usercred.p12</code>. You need to change the file permission to make sure only you have access to it:
+The listing of the directory should be similar to:
-<pre class="command">$ chmod 0400 usercred.p12</pre>
+<pre class="command">$ ls -l $HOME/.globus</pre><pre class="response">-r--------    1 doe   xy           2935 Feb  1 10:49 usercred.p12</pre></div><div class="sect3" title="PEM (*.pem) Formatted Certificates"><div class="titlepage"><div><div>
-The listing of the directory should be similar to:
+==== PEM (*.pem) Formatted Certificates  ====
-<pre class="command">$ ls -l $HOME/.globus</pre><pre class="response">-r--------    1 doe   xy           2935 Feb  1 10:49 usercred.p12</pre></div><div title="PEM (*.pem) Formatted Certificates" class="sect3"><div class="titlepage"><div><div>
+</div></div></div>
-==== PEM (*.pem) Formatted Certificates ====
+If you have your credential in <span class="emphasis">''PEM format''</span> (two files with <code class="code">pem</code> extension) then put the certificate and key files in the <code class="code">.globus</code> directory, naming them <code class="code">usercert.pem</code> and <code class="code">userkey.pem</code> respectively, with global read-only permissions for the former, and owner-read permissions for the latter, like so:
-</div></div></div>
-If you have your credential in <span class="emphasis">''PEM format''</span> (two files with <code class="code">pem</code> extension) then put the certificate and key files in the <code class="code">.globus</code> directory, naming them <code class="code">usercert.pem</code> and <code class="code">userkey.pem</code> respectively, with global read-only permissions for the former, and owner-read permissions for the latter, like so:
 <pre class="command">$ chmod 444 usercert.pem
 $ chmod 400 userkey.pem</pre>
 A listing of the directory should be similar to:
 <pre class="command">$ ls -l $HOME/.globus</pre><pre class="response">-r--r--r--    1 doe      xy           4541 Aug 23  2006 usercert.pem
--r--------    1 doe      xy            963 Aug 23  2006 userkey.pem</pre></div></div><div title="Access to Grid Client Commands" class="sect2"><div class="titlepage"><div><div>
+-r--------    1 doe      xy            963 Aug 23  2006 userkey.pem</pre></div></div><div class="sect2" title="Access to Grid Client Commands"><br></div>
-=== Access to Grid Client Commands ===
+[[Category:Operations_Manuals]]
-</div></div></div>
-The PATH and other environment variables may need to be set to use grid client commands. This varies depending on which UI you are using. You should contact the system administrator of the UI to find out if anything special needs to be done to have access to the grid commands.
-For example at CERN, the following scripts need to be sourced to setup the grid environment on the lxplus nodes:
-Bourne shell users (including bash users):
-<pre class="command">$ source  /afs/cern.ch/project/gd/LCG-share/current/etc/profile.d/grid_env.sh</pre>
-C Shell (including tcsh):
-<pre class="command">$ source  /afs/cern.ch/project/gd/LCG-share/current/etc/profile.d/grid_env.csh</pre>
-This setup can be used at any site that has access to AFS.
-</div>

Difference between revisions of "USG Setting up the UI Environment"

Latest revision as of 14:48, 10 January 2013

Contents

Installing Your Certificate

PKCS12 (*.p12) Formatted Certificates

PEM (*.pem) Formatted Certificates

Navigation menu

Difference between revisions of "USG Setting up the UI Environment"

Latest revision as of 14:48, 10 January 2013

Installing Your Certificate

PKCS12 (*.p12) Formatted Certificates

PEM (*.pem) Formatted Certificates

Navigation menu

Search