File tree Expand file tree Collapse file tree 1 file changed +26
-0
lines changed Expand file tree Collapse file tree 1 file changed +26
-0
lines changed Original file line number Diff line number Diff line change @@ -38,3 +38,29 @@ Like other Internet CAs and unlike IGTF CAs, Let's Encrypt issues end entity cer
3838Let's Encrypt does not issue CRLs for end-entity certificates (see the [ Certification Practice Statement] ( http://cps.root-x1.letsencrypt.org ) ).
3939
4040Make sure to have a process in place to renew your certificates (e.g., [ Certbot] ( https://certbot.eff.org/ ) ).
41+
42+ ## Troubleshooting
43+
44+ ```
45+ # hostname
46+ example.org
47+ # grid-proxy-init -debug -verify -cert /etc/grid-security/hostcert.pem -key /etc/grid-security/hostkey.pem -hours 1 -out /tmp/hostcerttest
48+
49+ User Cert File: /etc/grid-security/hostcert.pem
50+ User Key File: /etc/grid-security/hostkey.pem
51+
52+ Trusted CA Cert Dir: /etc/grid-security/certificates
53+
54+ Output File: /tmp/hostcerttest
55+ Your identity: /CN=example.org
56+ Creating proxy ......++++++
57+ .....++++++
58+ Done
59+ Proxy Verify OK
60+ # openssl verify -CApath /etc/grid-security/certificates /etc/grid-security/hostcert.pem
61+ /etc/grid-security/hostcert.pem: OK
62+ # if [ "`openssl x509 -in /etc/grid-security/hostcert.pem -noout -modulus`" = "`openssl rsa -in /etc/grid-security/hostkey.pem -noout -modulus`" ]; then echo "Match"; else echo "Different"; fi
63+ Match
64+ # openssl x509 -subject -noout -in /etc/grid-security/hostcert.pem
65+ subject= /CN=example.org
66+ ```
You can’t perform that action at this time.
0 commit comments