Administration
|
Key
This line was removed.
This word was removed. This word was added.
This line was added.
|
Changes (11)
View Page History
...
---- ----
This guide provides step-by-step details on how to install and configure the Naming Authority Web Application and Grid Service version 1.45.
h2. Prerequisites
...In order to install and run the Naming Authority for identifiers, the following prerequisite software must be installed:
# Java 1.56 JDK or Greater
# [Mysql 5 or Greater|http://dev.mysql.com/downloads/mysql/5.0.html]
h2. Step 1: Install caGrid
----
h2. Step 1: Install caGrid
----
In this step you will download and install the Naming Authority using the caGrid Installer. If you already have caGrid 1.45 installed on your machine, you may proceed to the next step. To install caGrid, complete the following steps:
{include:caGrid14:Install caGrid Using the caGrid 1.4 Installer}
{include:caGrid15:Install caGrid Using the caGrid 1.5 Installer}
The installer places caGrid in the directory you specified during installation. From this point forward we refer to this directory as *{_}CAGRID_HOME{_}*.
...h2. Step 2: Obtain Host Credentials
----
----
The identifiers security framework requires a secure web application container. In order to run a secure service, the container hosting the service must run with a host credential. A host credential consists of an X.509 certificate and private key. In a production environment, it is *{_}very important{_}* that this credential be issued by a certificate authority that the environment trusts. For the purposes of this guide we will provide instructions on how to obtain a host credential from [Dorian|dorian145:Home]. Dorian is an open-source service framework for issuing PKI credentials and is a trusted certificate authority in many Grid environments. Most target Grids (selected in the last step) are configured with one or more Dorian instances. For the purposes of this guide, we will provide documentation on requesting a host credential from the *{_}Training Dorian{_}*; similar steps can be used for requesting a host credential from other Dorian instances.
{section}
...{column}
To request a host credential from the Training Dorian, you must have an account. Any user may request an account from the Training Dorian. If you have an account with the Training Dorian, complete the steps below to get a host credential. Otherwise, [click here|dorian145:Dorian Identity Provider Registration] for directions on requesting an account and then proceed with the steps below:
# [Launch|gaardsui145:GAARDS UI] the GAARDS UI.
# [Log|gaardsui145:Logging onto the Grid] onto the Grid.
# From the *{_}MyAccount{_}* menu, select *{_}Request a Host Certificate{_}*. This launches the *{_}Request a Host Certificate{_}* window.
# From the *{_}Service{_}* drop-down menu, select the Dorian from which you wish to request a host certificate.
# From the *{_}Service{_}* drop-down menu, select the Dorian from which you wish to request a host certificate.
...Immediately after clicking the *{_}Request Certificate{_}* button, the UI will submit the host certificate request to Dorian. Upon receiving the request, Dorian will either immediately approve the request or submit the request to an administrator for approval. In the case where the request is immediately approved, the host credentials (certificate and private key) will be written to the directory specified. The file containing the certificate will be named _THE_HOSTNAME_YOU_ENTERED-cert.pem,_. The file containing the private key will be named _THE_HOSTNAME_YOU_ENTERED-key.pem_.
In the case where a host certificate request requires approval of an administrator, the file containing the private key will be named _THE_HOSTNAME_YOU_ENTERED-key.pem_. The host certificate WILL NOT be written since it is not issued until the request is approved. You will need to wait for an administrator to approve your request before proceeding forward. The GAARDS UI provides a means of checking the status of your request. For directions on how to do this, [click here|dorian145:Requesting a Host Certificate].
{tip}Please note the location to which the host certificate and private key were written. These will be needed later to configure the container.
...{include:caGrid145:Configuring Secure Tomcat}
h2. Step 4: Configure and Deploy
...