Access Keys:
Skip to content (Access Key - 0)

Knowledgebase


Create a Secure Globus Container


In order to run services securely over https, you must run a secure container. Running a secure container requires container credentials or a host certificate and corresponding private key. For more information on obtaining container credentials click here. Running a secure Globus container requires the creation of a security descriptorwhich tells Globus how to configure the default container and this includes the specification of the host certificate and private key. Below we have provided an example security descriptor:

<?xml version="1.0" encoding="UTF-8"?>
<securityConfig xmlns="http://www.globus.org">
    <credential>
        <key-file value="PATH_TO_HOST_CREDENTIAL_PRIVATE_KEY"/>
        <cert-file value="PATH_TO_HOST_CREDENTIAL_CERTIFICATE"/>
    </credential>
</securityConfig>

To start a secure Globus container, do the following:

  • Using a new command prompt, change to the Globus location directory and start up Globus. (If globus is already running, be sure to terminate it before you proceed with starting another one.)

%> cd %GLOBUS_LOCATION%\bin
%> globus-start-container.bat -containerDesc ..\..\certificates\security-descriptor.xml

If the command completes successfully, you should see the following output:

Starting SOAP server at: https://127.0.0.1:8443/wsrf/services/
With the following services:

[1]: https://127.0.0.1:8443/wsrf/services/AdminService
[2]: https://127.0.0.1:8443/wsrf/services/AuthzCalloutTestService
[3]: https://127.0.0.1:8443/wsrf/services/ContainerRegistryEntryService
[4]: https://127.0.0.1:8443/wsrf/services/ContainerRegistryService
[5]: https://127.0.0.1:8443/wsrf/services/CounterService
[6]: https://127.0.0.1:8443/wsrf/services/ManagementService
[7]: https://127.0.0.1:8443/wsrf/services/NotificationConsumerFactoryService
[8]: https://127.0.0.1:8443/wsrf/services/NotificationConsumerService
[9]: https://127.0.0.1:8443/wsrf/services/NotificationTestService
[10]: https://127.0.0.1:8443/wsrf/services/PersistenceTestSubscriptionManager
[11]: https://127.0.0.1:8443/wsrf/services/ResolutionService
[12]: https://127.0.0.1:8443/wsrf/services/SampleAuthzService
[13]: https://127.0.0.1:8443/wsrf/services/SecureCounterService
[14]: https://127.0.0.1:8443/wsrf/services/SecurityTestService
[15]: https://127.0.0.1:8443/wsrf/services/ShutdownService
[16]: https://127.0.0.1:8443/wsrf/services/SubscriptionManagerService
[17]: https://127.0.0.1:8443/wsrf/services/TestAuthzService
[18]: https://127.0.0.1:8443/wsrf/services/TestCounterService
[19]: https://127.0.0.1:8443/wsrf/services/TestEnumService
[20]: https://127.0.0.1:8443/wsrf/services/TestRPCService
[21]: https://127.0.0.1:8443/wsrf/services/TestService
[22]: https://127.0.0.1:8443/wsrf/services/TestServiceRequest
[23]: https://127.0.0.1:8443/wsrf/services/TestServiceWrongWSDL
[24]: https://127.0.0.1:8443/wsrf/services/TransferService
[25]: https://127.0.0.1:8443/wsrf/services/Version
[26]: https://127.0.0.1:8443/wsrf/services/WidgetNotificationService
[27]: https://127.0.0.1:8443/wsrf/services/WidgetService
[28]: https://127.0.0.1:8443/wsrf/services/cagrid/CaGridTutorialService
[29]: https://127.0.0.1:8443/wsrf/services/gsi/AuthenticationService
Last edited by
Knowledge Center (2055 days ago) , ...
Adaptavist Theme Builder Powered by Atlassian Confluence