1 / 11

IHEP Grid CA Status Report

IHEP Grid CA Status Report. F2F Meeting 8 Mar . 2010. Wei Zhu(zhuw@ihep.ac.cn). Comput ing Cent re , IHEP,CAS,China. Outline. IHEP Grid CA Overview Current status of CA operation Update status . IHEP Introduction. IHEP——Institute of High Energy Physics, CAS, China

RoyLauris
Download Presentation

IHEP Grid CA Status Report

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. IHEP Grid CA Status Report F2F Meeting8 Mar. 2010 Wei Zhu(zhuw@ihep.ac.cn) Computing Centre, IHEP,CAS,China

  2. Outline • IHEP Grid CA Overview • Current status of CA operation • Update status

  3. IHEP Introduction • IHEP——Institute of High Energy Physics, CAS, China • The major institute conducts high energy physics experiments in China

  4. IHEP Grid CA Introduction • The IHEP CA is established and managed by IHEP Computing Center in Beijing and has been running since 2004. • The IHEP CA is an accredited member of both EUGridPMA and APGridPMA. • Web site • https://gridca.ihep.ac.cn/ • CA certificate • https://gridca.ihep.ac.cn/cacert/index.html

  5. IHEP Grid CA Introduction • Person Certificate: C=CN/O=HEP/O=IHEP/OU=CC/CN=zhu wei • Host Certificate: CN=CN/O=HEP/O=IHEP/OU=CC/CN= host/voms.ihep.ac.cn • CRL Policy • https://gridca.ihep.ac.cn/crl/index.html • The lifetime of CRL is 30 days. • CRL is reissued 7 days before expiration even if there have been no revocation. • Last Update: Feb 09 08:32:56 2010 GMT

  6. Current status of CA operation • Personal/Host/Service Certificate: Submit application form for verification, then complete online request procedure step by step. Establish a Specialized CA Room • Only one person has the key to the CA room , and the other has the key to the CA Computer.

  7. Current status of CA operation The following events are recorded and archived: • All requests for certificates • All issued certificates • All requests for revocation • All issued CRLs • Login/logout/reboot of the CA machine • All notifications sent by the CA • Logs for data exchange between CA and RA • Archives are stored in an offline media which is stored in a safe box. Only RA and CA operators can access them.

  8. Authentication Accept request, communicate with CA Current status of CA operation • Staff structure Security Officer RA Operator CA Operator helpdesk Private key management Issue certificate

  9. Update status Number of issued certificates CooperationOrganizations Last update: Feb 10 09:18:36 2010 GMT

  10. Update status • Due to a power supply maintenance for the whole computing room, the IHEP CA website is unavailable from Sep/15/2009 06:30(CST) to Sep/17/2009 18:00(CST). • Some needed webservice port was unopened after the whole adjustment on the export firewall. • The new portable hard drive replace the old one. • Plans to change the CA room.

  11. Thanks Thank you!

More Related