-
Christoph Anton Mitterer authored
Every time the host certificates are renewed, there’s a chance to forget about the copies of these for xrootd, which are per default in “/etc/grid-security/xrd”. Instead, the host certificate and key shall be read from the “standard” locations. • Set options to read the host certificate and key from “/etc/grid-security/hostcert.pem” respectively “/etc/grid-security/hostkey.pem”. For this to work, the files must be readable by the user that runs the daemon, which can, for example, be accomplished via ACLs using a command like: setfacl -m u:xcache:r /etc/grid-security/hostkey.pem Signed-off-by:Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>
Christoph Anton Mitterer authoredEvery time the host certificates are renewed, there’s a chance to forget about the copies of these for xrootd, which are per default in “/etc/grid-security/xrd”. Instead, the host certificate and key shall be read from the “standard” locations. • Set options to read the host certificate and key from “/etc/grid-security/hostcert.pem” respectively “/etc/grid-security/hostkey.pem”. For this to work, the files must be readable by the user that runs the daemon, which can, for example, be accomplished via ACLs using a command like: setfacl -m u:xcache:r /etc/grid-security/hostkey.pem Signed-off-by:
