<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div>Dear Users,</div>
<div><br>
</div>
As we announced previously, the scientific computing group has
re-designed the authentication system used by the upcoming upgrade
to Jasmine tape system, Auger batch system and other supporting
applications. Once the upgrade is complete, users must use new
certificates to continue accessing these systems. Today, we are
releasing the tool so that users can acquire a new certificate
before the upgrade. <br>
<div><br>
</div>
<div>At your earliest possible convenience, please run the following
command on a supported machine such as jlabl1.</div>
<div><br>
</div>
<div>
<blockquote style="margin: 0 0 0 40px; border: none; padding:
0px;">
<div><font face="Andale Mono">/site/scicomp/bin/jcert -create</font></div>
</blockquote>
</div>
<div><br>
</div>
<div>The output of this command will look something like the
following:</div>
<div><br>
</div>
<div>
<blockquote style="margin: 0 0 0 40px; border: none; padding:
0px;">
<div><font face="Andale Mono">jlabl1:~$ /site/scicomp/bin/jcert
-create<br>
INFO - Creating keystore file
/home/larrieu/.scicomp/keystore<br>
INFO - Generating self-signed certificate for larrieu. This
could take a minute or two.<br>
INFO - Generating certificate request<br>
INFO - Requesting user certificate from JLabWinCA<br>
Enter CUE password for JLab user larrieu<br>
<br>
INFO - Storing generated certificate chain<br>
INFO - Okay! Certificate is stored.<br>
</font><br>
</div>
</blockquote>
</div>
<div>The result of this command will be the creation of the
following file in your home directory.</div>
<div><br>
</div>
<div>
<blockquote style="margin: 0 0 0 40px; border: none; padding:
0px;">
<div><font face="Andale Mono">~/.scicomp/keystore</font></div>
</blockquote>
</div>
<div><br>
</div>
<div>This file contains your certificate. You should never change
the permissions on this directory or file, since the certificate
stored within is a jlab-signed credential. Any party gaining
access to it would be able to use (or abuse) the scientific
computing resources masquerading as you. Treat it in a fashion
similar to your .ssh directory.</div>
<div><br>
</div>
<div>For more information, consult the following wiki pages:</div>
<div><br>
</div>
<div>
<ol class="MailOutline">
<li><a
href="https://wiki.jlab.org/cc/external/wiki/index.php/New_Jasmine#Certificates">https://wiki.jlab.org/cc/external/wiki/index.php/New_Jasmine#Certificates</a></li>
<li><a
href="https://wiki.jlab.org/cc/external/wiki/index.php/Jcert">https://wiki.jlab.org/cc/external/wiki/index.php/Jcert</a></li>
</ol>
</div>
<div><br>
</div>
<div>Please report any problems or other feedback to <a
href="mailto:scicomp@jlab.org">scicomp@jlab.org</a>. Thank you.</div>
<div><br>
</div>
<div>The Scientific Computing team.</div>
<pre class="moz-signature" cols="72">--
################################################################
# Jie Chen #
# Scientific Computing Group #
# Jefferson Lab #
# 12000 Jefferson Ave #
# Newport News, VA 23606 #
# 757-269-5046 #
# <a class="moz-txt-link-abbreviated" href="mailto:chen@jlab.org">chen@jlab.org</a> #
################################################################</pre>
</body>
</html>