We need to keep valid certificates for the VDT machines and some of the services then run. When certificates have expired or are about to expire, follow these instructions to renew them.
There are a few parts of the VDT that help with the overall task:
GRID_SECURITY_DIRenvironment variable to
For each machine or service certificate that needs renewing:
-hostswitch with the fully-qualified hostname
-serviceswitch and the service identifier
./doegrids-cert-request -host vdt-redhat9.cs.wisc.edu ./doegrids-cert-request -host vdt-redhat9.cs.wisc.edu -service ldap
The command output tells where it saved the resulting
.pem files, such as
.pemfiles generated above to the machine-specific certificate directory
cp $VDT_LOCATION/globus/share/*.pem /p/condor/home/certificates/vdt-sles9-ia64/
Presently, only Alain can do this step.
Once you have the new certificate(s):