Ignore:
Timestamp:
13/12/07 17:30:59 (12 years ago)
Author:
pjkersha
Message:

python/www/html/sessionMgr.wsdl,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services.py,
python/ndg.security.common/ndg/security/common/SessionMgr/SessionMgr_services_types.py,
python/ndg.security.server/ndg/security/server/SessionMgr/SessionMgr_services_server.py:

  • remove refs to proxy certs - using MyProxy? as CA proxy certs aren't generated.
  • make issuingCert nillable as it won't be set if calling MyProxy? in Simple CA mode

python/ndg.security.server/ndg/security/server/conf/sessionMgr.tac: removes refs to proxy cert - replace with user cert

python/ndg.security.server/ndg/security/server/conf/sessionMgrProperties.xml: fix MyProxy? cert times - these are in seconds NOT hours

python/ndg.security.server/ndg/security/server/MyProxy.py: remove '\0's from get and info commands

python/ndg.security.test/ndg/security/test/sessionMgrClient/SessionMgrClientTest.py: fixed for tests with new MyProxy? config as SimpleCA

python/ndg.security.test/ndg/security/test/sessionMgrClient/server.sh: get rid of --pidfile arg to twistd - not needed.

python/ndg.security.test/ndg/security/test/sessionMgrClient/sm-clnt.crt,
python/ndg.security.test/ndg/security/test/sessionMgrClient/sm-clnt.key,

python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrTest.cfg,
python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml,
python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrClientTest.cfg: altered for tests with multiple CAs

python/ndg.security.common/ndg/security/common/SessionMgr/init.py:

  • removed addUser method - not needed
  • switched refs to proxy cert -> user cert
Location:
TI12-security/trunk/python/ndg.security.test/ndg/security/test
Files:
2 added
7 edited

Legend:

Unmodified
Added
Removed
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/myProxy/myProxyClientTest.cfg

    r3141 r3145  
    3131 
    3232[test2GetDelegation] 
    33 username: raphaelTest 
    34 #username: Junk 
    35 #passphrase: JunkJunk 
     33username: Junk 
     34#username: raphaelTest 
     35passphrase: JunkJunk 
    3636 
    3737[test3Info] 
    3838#username: sstljakTestUser 
    39 username: Junk 
    4039ownerCertFile: ./proxy-cert.pem 
    4140ownerKeyFile: ./proxy-key.pem 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrProperties.xml

    r3140 r3145  
    7070                        specified when a certificate is first created by store() method 
    7171                --> 
    72                 <proxyCertMaxLifetime>24</proxyCertMaxLifetime> <!-- in hours --> 
     72                <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds --> 
    7373                <!--  
    7474                        Life time of a proxy certificate when issued from the Proxy Server  
    7575                        with getDelegation() method 
    7676                        --> 
    77                 <proxyCertLifetime>8</proxyCertLifetime> <!-- in hours --> 
     77                <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds --> 
    7878                <caCertFile>$NDGSEC_SM_UNITTEST_DIR/cacert.pem</caCertFile> 
    7979        </myProxyProp> 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgr/sessionMgrTest.cfg

    r3139 r3145  
    1414 
    1515[test1Connect]          
    16 username = pjkersha 
    17 #username = raphaelTest 
     16username = raphaelTest 
    1817#username = gabriel 
    1918#passphrase = testpassword 
     
    2221 
    2322[test3ConnectNoCreateServerSess]          
    24 username = pjkersha 
    25 #username = gabriel 
     23username = gabriel 
    2624#passphrase = testpassword 
    2725 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/SessionMgrClientTest.py

    r3044 r3145  
    3232    test3Passphrase = None 
    3333 
    34     def _getCertChainFromProxyCertFile(self, proxyCertFilePath): 
    35         '''Read proxy cert and user cert from a single PEM file and put in 
     34    def _getCertChainFromProxyCertFile(self, certChainFilePath): 
     35        '''Read user cert and user cert from a single PEM file and put in 
    3636        a list ready for input into SignatureHandler'''                
    37         proxyCertFileTxt = open(proxyCertFilePath).read() 
     37        certChainFileTxt = open(certChainFilePath).read() 
    3838         
    3939        pemPatRE = re.compile(self.__class__.pemPat, re.S) 
    40         x509CertList = pemPatRE.findall(proxyCertFileTxt) 
     40        x509CertList = pemPatRE.findall(certChainFileTxt) 
    4141         
    4242        signingCertChain = [X509CertParse(x509Cert) for x509Cert in \ 
    4343                            x509CertList] 
    4444     
    45         # Expecting proxy cert first - move this to the end.  This will 
     45        # Expecting user cert first - move this to the end.  This will 
    4646        # be the cert used to verify the message signature 
    4747        signingCertChain.reverse() 
     
    8686        reqBinSecTokValType = self.cfg['setUp'].get('reqbinsectokvaltype') 
    8787 
    88         # Check certificate types proxy or standard 
    89         proxyCertFilePath = self.cfg['setUp'].get('proxycertfilepath') 
    90         if proxyCertFilePath: 
     88        # Check certificate types user or standard 
     89        userCertFilePath = self.cfg['setUp'].get('usercertfilepath') 
     90        if userCertFilePath: 
    9191            signingCertChain = \ 
    92                         self._getCertChainFromProxyCertFile(proxyCertFilePath) 
     92                        self._getCertChainFromProxyCertFile(userCertFilePath) 
    9393        else: 
    9494            signingCertChain = None 
     
    111111         
    112112        self.sessID = None 
    113         self.proxyCert = None 
    114         self.proxyPriKey = None 
    115113        self.userCert = None 
    116  
    117 # TODO: is addUser part of session manager? 
    118 #    def test1AddUser(self): 
    119 #        """Add a new user ID to the MyProxy repository""" 
    120 #         
    121 #        passphrase = self.cfg['test1AddUser'].get('passphrase') or \ 
    122 #            getpass.getpass(prompt="\ntest1AddUser pass-phrase for new user: ") 
    123 #             
    124 #        # Note the pass-phrase is read from the file tmp.  To pass 
    125 #        # explicitly as a string use the 'passphrase' keyword instead 
    126 #        self.clnt.addUser(self.cfg['test1AddUser']['username'],  
    127 #                          passphrase=passphrase) 
    128 #        print "Added user '%s'" % self.cfg['test1AddUser']['username'] 
     114        self.userPriKey = None 
     115        self.issuingCert = None 
    129116         
    130117 
     
    139126        if not self.__class__.test2Passphrase: 
    140127            self.__class__.test2Passphrase = getpass.getpass(\ 
    141                                prompt="\ntest2Connect pass-phrase for user: ") 
    142  
    143         self.proxyCert, self.proxyPriKey, self.userCert, self.sessID = \ 
     128                               prompt="\ntest1Connect pass-phrase for user: ") 
     129 
     130        self.userCert, self.userPriKey, self.issuingCert, self.sessID = \ 
    144131            self.clnt.connect(self.cfg['test1Connect']['username'],  
    145132                              passphrase=self.__class__.test2Passphrase) 
     
    177164            prompt="\ntest3ConnectNoCreateServerSess pass-phrase for user: ") 
    178165 
    179         self.proxyCert, self.proxyPriKey, self.userCert, sessID = \ 
     166        self.userCert, self.userPriKey, self.issuingCert, sessID = \ 
    180167            self.clnt.connect(\ 
    181168                      self.cfg['test3ConnectNoCreateServerSess']['username'],  
     
    188175        print "User '%s' connected to Session Manager:\n%s" % \ 
    189176                    (self.cfg['test3ConnectNoCreateServerSess']['username'],  
    190                      self.proxyCert) 
    191              
    192  
    193     def test4DisconnectUsingSessID(self): 
    194         """test4DisconnectUsingSessID: disconnect as if acting as a browser client  
     177                     self.userCert) 
     178             
     179 
     180    def test4DisconnectWithSessID(self): 
     181        """test4DisconnectWithSessID: disconnect as if acting as a browser client  
    195182        """ 
    196183         
    197         print "\n\t" + self.test4DisconnectUsingSessID.__doc__ 
     184        print "\n\t" + self.test4DisconnectWithSessID.__doc__ 
    198185        self.test1Connect() 
    199186         
     
    203190             
    204191 
    205     def test5DisconnectUsingProxyCert(self): 
    206         """test5DisconnectUsingProxyCert: Disconnect as a command line client  
     192    def test5DisconnectWithUserCert(self): 
     193        """test5DisconnectWithUserCert: Disconnect as a command line client  
    207194        """ 
    208195         
    209         print "\n\t" + self.test5DisconnectUsingProxyCert.__doc__ 
    210         self.test1Connect() 
    211          
    212         # Use proxy cert / private key just obtained from connect call for 
    213         # signature generation          
    214         self.clnt.signatureHandler.reqBinSecTokValType = 'X509PKIPathv1' 
    215         self.clnt.signatureHandler.signingPriKey = self.proxyPriKey         
    216         self.clnt.signatureHandler.signingCertChain = (self.userCert, 
    217                                                        self.proxyCert) 
    218          
     196        print "\n\t" + self.test5DisconnectWithUserCert.__doc__ 
     197        self.test1Connect() 
     198         
     199        # Use user cert / private key just obtained from connect call for 
     200        # signature generation 
     201        if self.issuingCert: 
     202            self.clnt.signatureHandler.reqBinSecTokValType = 'X509PKIPathv1' 
     203            self.clnt.signatureHandler.signingPriKey = self.userPriKey         
     204            self.clnt.signatureHandler.signingCertChain = (self.issuingCert, 
     205                                                           self.userCert) 
     206            self.clnt.signatureHandler.signingCert = None 
     207        else: 
     208            self.clnt.signatureHandler.reqBinSecTokValType = 'X509v3' 
     209            self.clnt.signatureHandler.signingPriKey = self.userPriKey         
     210            self.clnt.signatureHandler.signingCertChain = () 
     211            self.clnt.signatureHandler.signingCert = self.userCert 
     212             
    219213        # Proxy cert in signature determines ID of session to 
    220214        # delete 
    221215        self.clnt.disconnect() 
    222         print "User disconnected from Session Manager:\n%s" % self.proxyCert 
    223  
    224  
    225     def test6GetAttCertUsingSessID(self): 
    226         """test6GetAttCertUsingSessID: make an attribute request using 
     216        print "User disconnected from Session Manager:\n%s" % self.userCert 
     217 
     218 
     219    def test6GetAttCertWithSessID(self): 
     220        """test6GetAttCertWithSessID: make an attribute request using 
    227221        a session ID as authentication credential""" 
    228222 
    229         print "\n\t" + self.test6GetAttCertUsingSessID.__doc__         
     223        print "\n\t" + self.test6GetAttCertWithSessID.__doc__         
    230224        self.test1Connect() 
    231225         
    232226        attCert = self.clnt.getAttCert(\ 
    233227            sessID=self.sessID,  
    234             attAuthorityURI=self.cfg['test6GetAttCertUsingSessID']['aauri']) 
     228            attAuthorityURI=self.cfg['test6GetAttCertWithSessID']['aauri']) 
    235229         
    236230        print "Attribute Certificate:\n%s" % attCert  
    237231        attCert.filePath = \ 
    238             self.cfg['test6GetAttCertUsingSessID']['acoutfilepath']  
     232            self.cfg['test6GetAttCertWithSessID']['acoutfilepath']  
    239233        attCert.write() 
    240234 
    241235 
    242     def test6aGetAttCertRefusedUsingSessID(self): 
    243         """test6aGetAttCertRefusedUsingSessID: make an attribute request using 
     236    def test6aGetAttCertRefusedWithSessID(self): 
     237        """test6aGetAttCertRefusedWithSessID: make an attribute request using 
    244238        a sessID as authentication credential requesting an AC from an 
    245239        Attribute Authority where the user is NOT registered""" 
    246240 
    247         print "\n\t" + self.test6aGetAttCertRefusedUsingSessID.__doc__         
    248         self.test1Connect() 
    249          
    250         aaURI = self.cfg['test6aGetAttCertRefusedUsingSessID']['aauri'] 
     241        print "\n\t" + self.test6aGetAttCertRefusedWithSessID.__doc__         
     242        self.test1Connect() 
     243         
     244        aaURI = self.cfg['test6aGetAttCertRefusedWithSessID']['aauri'] 
    251245         
    252246        try: 
     
    261255 
    262256 
    263     def test6bGetMappedAttCertUsingSessID(self): 
    264         """test6bGetMappedAttCertUsingSessID: make an attribute request using 
     257    def test6bGetMappedAttCertWithSessID(self): 
     258        """test6bGetMappedAttCertWithSessID: make an attribute request using 
    265259        a session ID as authentication credential""" 
    266260 
    267         print "\n\t" + self.test6bGetMappedAttCertUsingSessID.__doc__         
    268         self.test1Connect() 
    269          
    270         aaURI = self.cfg['test6bGetMappedAttCertUsingSessID']['aauri'] 
     261        print "\n\t" + self.test6bGetMappedAttCertWithSessID.__doc__         
     262        self.test1Connect() 
     263         
     264        aaURI = self.cfg['test6bGetMappedAttCertWithSessID']['aauri'] 
    271265         
    272266        attCert=self.clnt.getAttCert(sessID=self.sessID,attAuthorityURI=aaURI) 
     
    275269 
    276270 
    277     def test6cGetAttCertWithExtAttCertListUsingSessID(self): 
    278         """test6cGetAttCertUsingSessID: make an attribute request using 
     271    def test6cGetAttCertWithExtAttCertListWithSessID(self): 
     272        """test6cGetAttCertWithSessID: make an attribute request using 
    279273        a session ID as authentication credential""" 
    280274         
    281275        print "\n\t" + \ 
    282             self.test6cGetAttCertWithExtAttCertListUsingSessID.__doc__         
     276            self.test6cGetAttCertWithExtAttCertListWithSessID.__doc__         
    283277        self.test1Connect() 
    284278         
    285279        aaURI = \ 
    286             self.cfg['test6cGetAttCertWithExtAttCertListUsingSessID']['aauri'] 
    287          
    288         # Use output from test6GetAttCertUsingSessID! 
     280            self.cfg['test6cGetAttCertWithExtAttCertListWithSessID']['aauri'] 
     281         
     282        # Use output from test6GetAttCertWithSessID! 
    289283        extACFilePath = \ 
    290     self.cfg['test6cGetAttCertWithExtAttCertListUsingSessID']['extacfilepath']    
     284    self.cfg['test6cGetAttCertWithExtAttCertListWithSessID']['extacfilepath']    
    291285        extAttCert = open(extACFilePath).read() 
    292286         
     
    298292 
    299293 
    300     def test7GetAttCertUsingProxyCert(self): 
    301         """test7GetAttCertUsingProxyCert: make an attribute request using 
    302         a proxy cert as authentication credential""" 
    303         print "\n\t" + self.test7GetAttCertUsingProxyCert.__doc__ 
    304         self.test1Connect() 
    305  
    306         self.clnt.signatureHandler.reqBinSecTokValType = 'X509PKIPathv1' 
    307         self.clnt.signatureHandler.signingPriKey = self.proxyPriKey         
    308         self.clnt.signatureHandler.signingCertChain = (self.userCert, 
    309                                                        self.proxyCert) 
     294    def test7GetAttCertWithUserCert(self): 
     295        """test7GetAttCertWithUserCert: make an attribute request using 
     296        a user cert as authentication credential""" 
     297        print "\n\t" + self.test7GetAttCertWithUserCert.__doc__ 
     298        self.test1Connect() 
     299 
     300        if self.issuingCert: 
     301            self.clnt.signatureHandler.reqBinSecTokValType = 'X509PKIPathv1' 
     302            self.clnt.signatureHandler.signingPriKey = self.userPriKey         
     303            self.clnt.signatureHandler.signingCertChain = (self.issuingCert, 
     304                                                           self.userCert) 
     305            self.clnt.signatureHandler.signingCert = None 
     306        else: 
     307            self.clnt.signatureHandler.reqBinSecTokValType = 'X509v3' 
     308            self.clnt.signatureHandler.signingPriKey = self.userPriKey         
     309            self.clnt.signatureHandler.signingCertChain = () 
     310            self.clnt.signatureHandler.signingCert = self.userCert 
    310311         
    311312        # Request an attribute certificate from an Attribute Authority  
    312         # using the proxyCert returned from connect() 
    313          
    314         aaURI = self.cfg['test7GetAttCertUsingProxyCert']['aauri'] 
     313        # using the userCert returned from connect() 
     314         
     315        aaURI = self.cfg['test7GetAttCertWithUserCert']['aauri'] 
    315316        attCert = self.clnt.getAttCert(attAuthorityURI=aaURI) 
    316317           
     
    334335                    "test2GetSessionStatus", 
    335336                    "test3ConnectNoCreateServerSess", 
    336                     "test4DisconnectUsingSessID", 
    337                     "test5DisconnectUsingProxyCert", 
    338                     "test6GetAttCertUsingSessID", 
    339                     "test6bGetMappedAttCertUsingSessID", 
    340                     "test6cGetAttCertWithExtAttCertListUsingSessID", 
    341                     "test7GetAttCertUsingProxyCert", 
     337                    "test4DisconnectWithSessID", 
     338                    "test5DisconnectWithUserCert", 
     339                    "test6GetAttCertWithSessID", 
     340                    "test6bGetMappedAttCertWithSessID", 
     341                    "test6cGetAttCertWithExtAttCertListWithSessID", 
     342                    "test7GetAttCertWithUserCert", 
    342343                    "test8GetX509Cert", 
    343344                  )) 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/server.sh

    r2866 r3145  
    1717 
    1818EXEC=twistd  
    19 OPTIONS="--pidfile=twistd-$$.pid -noy" 
     19OPTIONS="-noy" 
    2020TACFILE=sessionMgr.tac 
    2121 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrClientTest.cfg

    r3044 r3145  
    1212#smuri = https://localhost/SessionManager 
    1313smuri = https://localhost:5700/SessionManager 
    14 #smuri = https://glue.badc.rl.ac.uk:50000/SessionManager 
    1514 
    1615# For https connections only.  !Omit ssl* settings if using http! 
     
    1817# same as peer hostname.  
    1918#sslpeercertcn = webSphereTest 
    20 sslcacertfilepathlist = cacert.pem 
     19sslcacertfilepathlist = ./ca/ndg-test-ca.crt ./ca/cacert.pem 
    2120 
    2221# Set to False to test service without WS-Security signature 
     
    2423 
    2524# ValueType for BinarySecurityToken element of WSSE header.  Specify 
    26 # 'X509PKIPathv1' for use with proxy certificates 
     25# 'X509PKIPathv1' for use with user certificates 
    2726reqbinsectokvaltype = X509v3 
    2827#reqbinsectokvaltype = X509 
    2928#reqbinsectokvaltype = X509PKIPathv1 
    3029 
    31 # Test with proxy certificates or with standard certs.  Comment out as  
    32 # appropriate 
    33 #proxycertfilepath = ./proxy-cert.pem 
     30# Test with chain of certificates (as with a proxy cert.) or with standard  
     31# certs.  Comment out as appropriate 
     32#certchainfilepath = ./user-cert.pem 
    3433 
    35 # Test without proxy certificates - uses AA server side cert/private key for 
    36 # client side too (!) 
    37 clntcertfilepath = ./clnt-cert.pem 
    38  
    39 clntprikeyfilepath = ./clnt-key.pem 
    40 #clntprikeyfilepath = ./proxy-key.pem 
     34# Test without cert. chain 
     35clntcertfilepath = ./sm-clnt.crt 
     36clntprikeyfilepath = ./sm-clnt.key 
    4137 
    4238# Password protecting client private key - if omitted it will be prompted for 
     
    4642# Space separated list of CA certificate files used to verify certificate used 
    4743# in message signature 
    48 cacertfilepathlist = ./cacert.pem 
     44cacertfilepathlist = ./ca/ndg-test-ca.crt ./ca/cacert.pem 
    4945 
    5046[test1Connect]          
    51 #username = lawrence 
    5247username = raphaelTest 
    5348#username = gabriel 
    54 passphrase = testpassword 
     49#passphrase = testpassword 
    5550 
    5651[test3ConnectNoCreateServerSess]          
    5752username = raphaelTest 
    5853#username = gabriel 
    59 passphrase = testpassword 
     54#passphrase = testpassword 
    6055 
    61 [test6GetAttCertUsingSessID] 
     56[test6GetAttCertWithSessID] 
    6257aaURI = http://localhost:5000/AttributeAuthority 
    6358acOutFilePath = ac-out.xml 
    6459 
    65 [test6aGetAttCertRefusedUsingSessID] 
     60[test6aGetAttCertRefusedWithSessID] 
    6661aaURI = http://localhost:5100/AttributeAuthority 
    6762 
    68 [test6bGetMappedAttCertUsingSessID] 
     63[test6bGetMappedAttCertWithSessID] 
    6964aaURI = http://localhost:5100/AttributeAuthority 
    7065 
    71 [test6cGetAttCertWithExtAttCertListUsingSessID] 
     66[test6cGetAttCertWithExtAttCertListWithSessID] 
    7267aaURI = http://localhost:5100/AttributeAuthority 
    73 # Use output from test6GetAttCertUsingSessID! 
     68# Use output from test6GetAttCertWithSessID! 
    7469extACFilePath = ac-out.xml 
    7570 
    76 [test7GetAttCertUsingProxyCert] 
     71[test7GetAttCertWithUserCert] 
    7772aaURI = http://localhost:5000/AttributeAuthority 
    78 #aaURI = http://glue.badc.rl.ac.uk/services/ndg/security/AttributeAuthority 
  • TI12-security/trunk/python/ndg.security.test/ndg/security/test/sessionMgrClient/sessionMgrProperties.xml

    r3135 r3145  
    44    <useSSL>Yes</useSSL> <!-- leave blank to use http --> 
    55    <!--<useSSL>Yes</useSSL>  leave blank to use http --> 
    6     <sslCertFile>$NDGSEC_SM_UNITTEST_DIR/sm-cert.pem</sslCertFile> 
    7     <sslKeyFile>$NDGSEC_SM_UNITTEST_DIR/sm-key.pem</sslKeyFile> 
     6    <sslCertFile>$NDGSEC_SM_UNITTEST_DIR/sm.crt</sslCertFile> 
     7    <sslKeyFile>$NDGSEC_SM_UNITTEST_DIR/sm.key</sslKeyFile> 
    88    <!--  
    99    Directory containing CA cert.s to verify SSL peer cert against  
     
    2323    --> 
    2424    <caCertFileList> 
    25         <caCertFile>$NDGSEC_SM_UNITTEST_DIR/cacert.pem</caCertFile> 
     25        <caCertFile>$NDGSEC_SM_UNITTEST_DIR/ca/ndg-test-ca.crt</caCertFile> 
     26        <caCertFile>$NDGSEC_SM_UNITTEST_DIR/ca/cacert.pem</caCertFile> 
    2627    </caCertFileList> 
    27     <certFile>$NDGSEC_SM_UNITTEST_DIR/sm-cert.pem</certFile> 
    28     <keyFile>$NDGSEC_SM_UNITTEST_DIR/sm-key.pem</keyFile> 
     28    <certFile>$NDGSEC_SM_UNITTEST_DIR/sm.crt</certFile> 
     29    <keyFile>$NDGSEC_SM_UNITTEST_DIR/sm.key</keyFile> 
    2930    <keyPwd/> 
    3031    <!--  
     
    7273                        specified when a certificate is first created by store() method 
    7374                --> 
    74                 <proxyCertMaxLifetime>24</proxyCertMaxLifetime> <!-- in hours --> 
     75                <proxyCertMaxLifetime>43200</proxyCertMaxLifetime> <!-- in seconds --> 
    7576                <!--  
    7677                        Life time of a proxy certificate when issued from the Proxy Server  
    7778                        with getDelegation() method 
    78                         --> 
    79                 <proxyCertLifetime>8</proxyCertLifetime> <!-- in hours --> 
    80                 <caCertFile>$NDGSEC_SM_UNITTEST_DIR/cacert.pem</caCertFile> 
     79                --> 
     80                <proxyCertLifetime>43200</proxyCertLifetime> <!-- in seconds --> 
     81                <caCertFile>$NDGSEC_SM_UNITTEST_DIR/ca/cacert.pem</caCertFile> 
    8182        </myProxyProp> 
    8283        <simpleCACltProp> 
Note: See TracChangeset for help on using the changeset viewer.