Manage multiple grid certificates (including certificates from multiple CAs) in your VO membership.
If one or more of your grid certificates have recently changed, or you've obtained a new certificate, you'll need to add the additional certificate to your existing VO membership certificate list.
Using your current certificate
If the certificate that is currently registered to your virtual organization (VO) membership is still valid, not expired, and installed in your browser:
In order to properly install some certificates, verify certificates from other grid users, and send encrypted messages and verify digital signatures, you may need to import and activate a certificate authority (CA) chain into your browser, email client, or operating system.
This also needs to be done for the CERN CA certificate before using certain CERN applications and web sites.
OSG no longer provides a service for issuing grid certificates for its users. Instead, you can request a certificate from the InCommon CILogon Silver CA certificate service (https://cilogon.org), and select your institution as an Identity Provider for the service.
A grid certificate serves as an identifying credential for all grid services, and is comprised of two main components:
Apple's macOS includes a built-in key and password manager, Keychain, which stores user passwords, user and server certificates, and keys. Certain applications, including the Safari web browser, use this centralized Keychain for storing and retrieving certificate information in lieu of maintaining their own, separate certificate repositories. One must use the macOS Keychain in order to add a certificate-key pair to, remove from, or export certificate-key pairs from Safari and other, similar applications.
While these instructions have been created largely for the benefit of ATLAS Virtual Organization (ATLAS VO) members mainly within the United States, members of other VOs may find them useful and should substitute their VO and certificate authority (CA) as appropriate.
Contents:
Grid Certificate issues:
CERN Human Resources Registration
CERN requires everyone who is part of ATLAS or US ATLAS to be registered with CERN Human Resources (HR). Generally, it takes up to one week for CERN HR to process registrations. Because it is necessary to register before moving on to the next step for joining the ATLAS Virtual Organization (ATLAS VO), it is advised that users complete this step as soon as possible. For more information, refer to the ATLAS new registration page.
Before you can start using the grid, you must first establish your grid identity by obtaining a certificate and join a virtual organization (VO) related to your experiment.
The main steps are:
About VOs
Virtual organizations (VOs) are sets of grid identities, organized in groups, with roles assigned to individuals. Typically, these are groups of people that sit at different physical locations all over the world to achieve a common goal, such as finding QGP or the Higgs boson.
