Due to switching to the new PRAGMA CA, the DN of the VOMRS server had changed.
Consequently, the VOMS/VOMRS synchronization broke, because the VOMRS server, presenting the host certificate with the new DN, was no longer trusted.
The following steps made the new host certificate DN a trusted DN in the VOMS database.
- Added a toolbar to the browser for launching various tools.
To close the toolbar, use right-click and then deselect the 'Key Manager' check-box. Note: This version is only tested on Firefox3 for following x86 based OS: Linux, Windows XP/Vista, Mac OSX.
The Trust Manager has a number of preferences that affect an application's environment security.
Administrators are advised to review these settings and configure client installations so that they are satisfied with the overall security of their workflows.
In such a configuration, Grisu is not able to inquire about group membership nor request VOMS proxies.
SSLContext ssl Context = Instance("TLSv1.2"); Server Socket Factory sf = SSLServer Socket Default(); Key Manager km = Key Manager Instance(Key Manager Default Algorithm())Key Managers(); Trust Manager tm = Trust Manager Instance(Trust Manager Default Algorithm())Trust Managers(); Secure Random random = new Secure Random(); ssl Context.init(km, tm, random); request Context.put(Binding Provider Properties. I don't want to create the Key and Trust managers manually to avoid the need for system specific configurations.
Looks like we are missing support for proxies in Apache/Tomcat - should we be running Tomcat directly?
In the default installation, Tomcat won't recognize proxy certificates.
However, Trust Manager settings always take precedence for hosts; for example, if blocked by the Trust Manager but is marked as a trusted host in Privileged Locations, then that site will be blocked.