ePubs
The open archive for STFC research publications
Home
About ePubs
Content Policies
News
Help
Privacy/Cookies
Suggest an Enhancement
Contact ePubs
Full Record Details
Persistent URL
http://purl.org/net/epubs/work/61855
Record Status
Checked
Record Id
61855
Title
CertWizard: a New Certificate Tool for the UK NGI User Community
Contributors
J Kewley (STFC Daresbury Lab.)
,
J Jensen (STFC Rutherford Appleton Lab.)
,
D Meredith (STFC Daresbury Lab.)
,
A Okcun (STFC Daresbury Lab.)
Abstract
Users find applying for and renewing of their certificates hard. In fact one third of the tickets on the UK NGI Helpdesk in the last year were related to certificates: a common theme being browser issues. STFC staff have produced a browser-independent tool for managing the certificates of the UK NGI user community. This tool, combined with other service improvments, provides a simpler-to-use interface which is more efficient and fully integrated with our already established certificate tools. The NGS runs the world's 2nd largest Grid Certification Authority: the IGTF-accredited UK e-Science CA. It is trialing several innovations for x509 authentication including alternatives to year-long user certificates, but their use will be needed for some time. The CA certificate itself is due for renewal in 2011 and so the opportunity is being taken to make changes at all levels of the service. Up until now, users have used their browser to apply for and renew their certificates. As browsers have evolved there have been a variety of incompatibilities in the way they handle certificates and our list of unsupported browsers has grown. The solution was to write a stand-alone tool to manage these certificate requests without involving a browser. The tool also adds the facility to renew a recently expired certificate and change details such as the user's email address without having to revoke it and apply for a new one like now. It has also been merged with our existing VOMS-enabled MyProxy Upload Tool so that a single tool can be used to manage all the user's certificate interactions. Further work is already underway to add interfaces to provide analogous support for host certificates and for RA Operators to approve both user and host certificate requests. Although the CA part of our tool is tied in to the UK eScience CA, the interface provided is well-defined and would not take too much effort to generalise for other community CAs so we are keen to demonstrate its functionality at the User Forum in Lyon.
Organisation
ESC
,
ESC-LHC
,
STFC
,
ESC-SCT
Keywords
Engineering
,
CA myproxy voms certificate
,
authentication authorisation RA
Funding Information
Related Research Object(s):
Licence Information:
Language
English (EN)
Type
Details
URI(s)
Local file(s)
Year
Presentation
Presented at EGI Technical Forum 2011, Lyon, France, 19-23 Sep 2011.
EGI-TF.ppt
2011
Showing record 1 of 1
Recent Additions
Browse Organisations
Browse Journals/Series
Login to add & manage publications and access information for OA publishing
Username:
Password:
Useful Links
Chadwick & RAL Libraries
SHERPA FACT
SHERPA RoMEO
SHERPA JULIET
Journal Checker Tool
Google Scholar