


Task #7273

Updated by Rob Nahf over 7 years ago

From Ben's 07/24/2015 email:
1. Find the public key for the certificate used by the server. The dataone-cn-portal buildout postinst script will
create a file based on the public certificate that is configured for the given CN (usually a wildcard for the domain).
For our test environments, it is: /etc/ssl/certs/
It’s the stuff between BEGIN/END PUBLIC KEY. I can’t remember if I leave the delimiters or not. Safest to leave them.

2. Register this public key with CILogon to get a myproxy id:
You should only register with the round-robin hostname (once per environment) and use URLs that are not machine-
machine-specific. Here’s an example from SANDBOX2: SANDBOX2
Name: DataONE Coordinating Node - Sandbox 2
Home uri:
Failure uri:
Creation time: Wed Jan 28 17:37:48 CST 2015
Generated identifier: myproxy:oa4mp,2012:/client/66a303882b6e4bec1e91cbf2ccda1e8

3. Include this myproxy id in the portal configuration file. Config file: /var/lib/tomcat7/webapps/portal/WEB-INF/client.xml
For more permanent CN buildouts (e.g., DEV2), include it in the dataone-cn-portal postinst script such that the correct
myproxy id will be set in the config file on installation in this environment (there is a big condition block for this).

4. By now, CILogon will have reported back to the email address you registered with that the myproxy client
registration is active.


Add picture from clipboard (Maximum size: 14.8 MB)