Hi,
I can get federation between 2 zones working without ssl but not with ssl enabled. I can’t find any documentation on how to do that. Maybe someone has done this already?
To get federation working without ssl:
acPreConnect(*OUT) { *OUT="CS_NEG_REFUSE"; }
irods_environment.json:
"irods_client_server_negotiation": "off",
"irods_client_server_policy": "CS_NEG_REFUSE",
The federation works as expected. I can browse through both zones and get/ put files between zones.
When I change to use our self signed certificates:
core .re:
acPreConnect(*OUT) { *OUT="CS_NEG_REQUIRE"; }
irods_environment.json:
"irods_client_server_negotiation": "request_server_negotiation",
"irods_client_server_policy": "CS_NEG_REQUIRE",
…
"irods_ssl_certificate_chain_file": "/etc/irods/ssl/irods.crt",
"irods_ssl_certificate_key_file": "/etc/irods/ssl/irods.key",
"irods_ssl_dh_params_file": "/etc/irods/ssl/dhparams.pem",
"irods_ssl_ca_certificate_file": "/etc/irods/ssl/irods.crt",
"irods_ssl_verify_server": "cert"
server_config.json is the same in both configurations.
I can browse though the local zones but I get this error when I try to browse to the federated zone:
$ ils /
/:
C- /zoneRemote
C- /zoneLocal
$ ils /zoneLocal
/zoneLocal:
C- /zoneLocal/home
C- /zoneLocal/projects
C- /zoneLocal/system
C- /zoneLocal/trash
$ ils /zoneRemote
terminating with uncaught exception of type irods::experimental::filesystem::filesystem_error: cannot get status: Unknown error -1825000
Aborted
From the remote site to my local site gives this error:
libc++abi: terminating with uncaught exception of type irods::experimental::filesystem::filesystem_error: cannot get status: Unknown error -1825000
Aborted
On my local site I have irods 4.2.11 on my remote site 4.3.0.
Regards,
Robert Verhagen.
--
--
The Integrated Rule-Oriented Data System (iRODS) - https://irods.org
iROD-Chat: http://groups.google.com/group/iROD-Chat
---
You received this message because you are subscribed to the Google Groups "iRODS-Chat" group.
To unsubscribe from this group and stop receiving emails from it, send an email to irod-chat+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/irod-chat/46f35866-9442-4c26-b02a-ebe713085f19n%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/irod-chat/91781fed-a9d6-4f57-8fec-dc7ddeab7dd4n%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/irod-chat/f27f07ac-178d-46e1-9fc2-5f0381cc99a4n%40googlegroups.com.
You received this message because you are subscribed to a topic in the Google Groups "iRODS-Chat" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/irod-chat/5zGIcDXW4uM/unsubscribe.
To unsubscribe from this group and all its topics, send an email to irod-chat+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/irod-chat/CAA-7h7nkFeqHsaPi0tkW-NMu3GEn87gm8%2Bt7JqAPD4iRFoiJrw%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/irod-chat/CAJejgGD%2BHOXQkZYtvF4ZDa48S9txRo3Lrnkw6f9FNF9utitTdA%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/irod-chat/CAA-7h7ktbmV5yFaC%2BgyAF9bLSy0TxA8bTi1Aq3KtQu0wS8ruWQ%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/irod-chat/CAJejgGCsNnWORy4tYERabvSJuidwozdZ6x%3Djzj5DS4HN3SQ7sg%40mail.gmail.com.