Task #7607
Story #7605: MemberNodes not authorizing CN to harvest log records
LTER_EUROPE refuses the production CN from harvesting log records
Status:
New
Priority:
Normal
Assignee:
Category:
Environment.Production
Target version:
Start date:
2016-01-26
Due date:
% Done:
0%
Milestone:
None
Product Version:
*
Story Points:
Sprint:
Description
urn:node:LTER_EUROPE fails with a NotAuthorized exception:
org.dataone.service.exceptions.NotAuthorized: Only the CN or admin is allowed to harvest logs from this node
LTER_EUROPE does not appear to recognize the CN certificate as a valid CN certificate. Jing may be able to help diagnose why since LTER_EUROPE is a metacat installation
Bases from our experience with IOE, we should check that Apache is configured correctly to trust the DataONE Production CA cert,
SSLCACertificateFile /etc/ssl/certs/DataONECAChain.crt
and that Apache is verifying client certs,
SSLVerifyClient optional
History
#1 Updated by Robert Waltz almost 8 years ago
- Description updated (diff)
