sidemenu
|
The Fermilab Computer Security Team administers the
laboratory's computer security program and provides the Fermilab
community with technical expertise and up-to-date information and
resources for improving computer security.
What's New
whatsnewRC.html
- May 8, 2008: Added a list of the
KCA certficate Distinguished
Names for robots (special Kerberos principals) which will be issued by the new KCA servers.
- May 2, 2008: Added initial list of the
KCA certficate Distinguished
Names for people which will be issued by the new KCA servers.
- April 22, 2008: FAQ concerning the new KCA service
- April 3, 2008: Instructions for
forwarding apache access, error, etc logs to central logging can be
found here.
Apache baseline is CD-DocDB # 1536. RA policies are #2336 and #2360.
- January 11, 2008: See Issues with
Expired Certificates
for instructions on dealing with expired certificates in your
certificate stores. Some of you may have an expired DOEGrids
CA
certificate which might be causing problems.
- December 11, 2007: Added start of
How-To Guide on Notes
on Changing Your Kerberos Passwords.
- October 9, 2007: Changed the
configuration
files used to generate DOEGrids host/service certificate requests to
include a single CN in the DN; for multi-home nodes use a regular
expression such as (a|b|c|d).fnal.gov
for this CN.
- August 30, 2007: Updates on Tools page,
linking to newer release of Win32OpenSSL and removed the link to
Kerberos Client-only for Windows/Cygwin as this package is no longer
supported and very much out of date.
- August 15, 2007: DOEGrids Certificate Users:
Please renew (replace) your personal certificates as soon as you
receive the renewal notice E-mail from DOEGrids.org. Do Not Wait until
the expiration date since the pki1.doegrids.org
service site will not accept expired certificates for authentication.
|
