To ensure secure services, the container hosting the services must run with a host credential. A host credential consists of an X.509 certificate and private key. Dorian provides a means for users with a grid user account to request a host credential for their services. To request a host credential:
Immediately after clicking the Request Certificate button, the GAARDS UI will submit the host certificate request to Dorian. Upon receiving the request, Dorian will immediately approve the request and the host credentials (certificate and private key) will be written to the specified directory. The file containing the certificate will be named THE_HOSTNAME_YOU_ENTERED-cert.pem. The file containing the private key will be named THE_HOSTNAME_YOU_ENTERED-key.pem.
If the host certificate request requires approval of an administrator, the file containing the private key will be named THE_HOSTNAME_YOU_ENTERED-key.pem. The host certificate will not be written since it is not issued until the request is approved. The GAARDS Admin UI provides a means to check the status of your host certificates request(s). To check the status of a host certificate request:
- Launch the GAARDS UI.
- If you have not done so, login to the Grid with your user account.
- From the MyAccount menu, select My Host Certificates. This will launch the My Host Certificates window.
- From the Service drop-down menu, select the Grid for which you wish to view the host certificates associated with your account.
- Click the Search button.
The host certificates that you requested will appear in the table below the Search button. Locate the certificate that you wish to check the status of. If the status is Pending then an administrator has not yet reviewed your request. If the status is Rejected than an administrator has rejected your request and a host certificate WILL NOT be issued. If the status if Active the an administrator has approved you request and a host certificate was issued. You may download the host certificate by selecting the host certificate in the table and by clicking the View Certificate button. This will launch a window containing the details of your host certificate. You may save the certificate to the file system by clicking the Save Certificate button. We recommend saving the host certificate in the directory you specified when you requested in a file named, THE_HOSTNAME_YOU_ENTERED-cert.pem. Once saved you should have the private key file in the same directory in a file named, THE_HOSTNAME_YOU_ENTERED-key.pem. The private key and certificate make up a host credential.