The SSL protocol is used to establish a secure communication between the CSGrid Server and its SGAs. It's also used to guarantee the identity of the involved parties: a Server only accepts registries from authorized SGAs, and a SGA connects only to the assinged Server. The following configuration must be complete to achieve this.
In the Server
The following property must be set:
Where keystore_file is the keystore filename and keystore_password is the keystore password.
The autorized SGAs list is defined this way:
In the SGA:
The SGA's certificate and private key and the Server's certificate are defined in the configuration file (see Configutation of Execution Nodes for a detailed explanation).
Creating keystores and certificates
1. To create a keystore with a self-signed certificate
2. To export the certificate
3. To import the CA certificate
4. To generate a private key and a certificate signing requests (CSR)
5. To generate a signed certificate for the associated CSR