NCSA Certificate Authority Information: http://security.ncsa.illinois.edu/CA/

To get your cert, refer to http://www.ncsa.illinois.edu/UserInfo/Grid/Security/GetUserCert.html

Follow these steps to request your NCSA certificate:

  1. Log into the machine from which you will be requesting your certificate.
  2. If you want to check the help for different flags, type
    % ncsa-cert-request -helpIf the output looks something like "ncsa-cert-request: Command not found.", then your path and environment need to be configured properly.Setting Your Environment and Pathexplains how to do this for NCSA production machines.
  3. For a user certificate, just run the script to request the certificate.
    % ncsa-cert-request
  4. You will be prompted for both your NCSA Kerberos password and your NCSA default password: To continue, please enter the NCSA Kerberos password for jdoe:
    To continue, please enter the NCSA default password for jdoe:
  5. Then you will be prompted to enter a pass phrase.Your pass phrase is much like a traditional password. You should choose a pass phrase containing at least 12 characters. Choose a pass phrase that you can remember, but which cannot be easily guessed. The longer the phrase is, the more secure it is. For example, it could be a line from your favorite song. It is a good practice to include at least one numerical character (0-9) and one non-alphanumeric character (!@#$%^&*). Make sure you remember this pass phrase. If you forget it, you'll have to revoke your certificate and request a new one.
  6. When prompted enter your pass phrase a second time to confirm your pass phrase (i.e. make sure you didn't make any typing errors).

After a few seconds you should see a message describing the various certificate files now in the ~/.globus directory.

  • No labels