____________________________________________
_____________________________________________
While I was trying to install GridFTP, I initially encountered the following error when I was trying to execute grid-proxy-init:
User Cert File: /home/shakib/.globus/usercert.pem
User Key File: /home/shakib/.globus/userkey.pem
Trusted CA Cert Dir: /etc/grid-security/certificates
Output File: /tmp/x509up_u2035
Your identity: /O=Grid/O=CERN/OU=cern.ch/CN=Shakib Mostafa
Enter GRID pass phrase for this identity:
Creating proxy .++++++++++++
......++++++++++++
Done
ERROR: Couldn't verify the authenticity of the user's credential to generate a proxy from.
grid_proxy_init.c:951:
globus_gsi_cred_handle.c:1515: globus_gsi_cred_verify_proxy_cert_chain: Error verifying credential: Failed to verify credential
OpenSSL Error: (null):0: in library: (null), function (null): (null)
globus_gsi_callback.c:281: globus_i_gsi_callback_create_proxy_callback: Could not verify credential
globus_gsi_callback.c:440: globus_i_gsi_callback_cred_verify: Could not verify credential: unable to get issuer certificate
The reason turned out to be that I did not have an up-to-date CRL list. I was using ca_CERN-0.7, which was supposed to contain information about my used certificate. But later on, when I installed ca_CERN-0.15, grid-proxy-init ran without any trouble. Hence it is very important to make sure that the latest CRL list has been installed.
While trying to transfer files one common error message that occurs is:
This normally occurs if /grid-security/grid-mapfile and ~/.gridmap don't have the exact syntax described in the GridFTP installation section.
This happens when the user certificates don't have the correct access rights :
usercert.per -rw-r--r--
userkey.pem -r--------
While trying to transfer files to all DataTAG machines, I sometimes got the following error message:
This was caused by incorrect information in /etc/resolv.conf. For all DataTAG PCs, this file should contain:
search datatag.org
I encountered some problems with the pid file for GridFTP. Every time I was starting the GridFTP server, it produced a syslog error message:
The server would still start and there wouldn't be any trouble while transferring data. Because the pid file could not be written, other programs that need to use the pid file would not work properly. This pid file problem may be the reason why the server would crash every time I started the NetLogger daemon.
I tried to fix this bug in a number of ways. First I found out that this error message originated from the file:
Server/globus_gridftpserver-1.6/src/ftpd.c
I looked into the code and found the relevant part:
if (!Bypass_PID_Files){ // starts from line 8063
if ((pidfile = fopen(_PATH_FTPD_PID, "w"))) {
fprintf(pidfile, "%ld\n", (long) getpid());
fclose(pidfile);
}
else {
syslog(LOG_ERR, "Cannot write pidfile: %m");
}
}
mode_t oldumask = umask(0000);
...
In the end, I simply changed the default value of Bypass_PID_Files: