[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: AW: [geclipse-dev] CA certificate loading
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Mathias,
>
>> I need it because I have potentially several thousand of g-eclipse
>> instances each
>> needing to load the CA certificates and I don't want to overload the
> http > servers.
>
> Interesting use-case! Are they all running on the same machine? And do
> they all have a separate workspace? So that really means you are
> duplicating the certs several thousand times?!
G-eclipse instances are running each on a worker node (WN) of a glite grid or
a pbs cluster. Actually, we use g-eclipse as an abstraction layer for the distributed
environment (files storages and execution ressources).
One aim of the project is to distribute some parts of a scientific workflow in a transparent manner
for the user. The files accesses are abstracted by using URL (and EFS) instead of file path.
That's why, when a job (a sub part of the workflow) is being executed on a worker node,
we need to initialize the CA certificates and the user token to be able to access the
srm:// urls (and may be the lfn://, it has not been tested yet).
What a mess! So how about
> a functionality like
>
> eu.geclipse.core.security.Security.setCertificateLocation( IPath path )
>
> ?!
>
> Think that would me much more efficient since you could then just
> specify the directory on your machine as certificate location.
Is it possible to use the certificate directory that is already present on the WN? Or should
we load the files from this directory in g-eclipse?
If, it is possible to avoid loading all the file of the directory in g-eclipse, I am really
interested.
Cheers, Rom.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkk9SkcACgkQbUN+hKKXqguFMgCgofDHXrbHKwIkDDcLga90o3ZY
MsEAn20885Yg9SXj1GGhsS3zwh9qOPV0
=UM7k
-----END PGP SIGNATURE-----
