Context Navigation

← Previous Change
Wiki History
Next Change →

General

Timestamp:: Mar 2, 2012, 5:05:55 PM (12 years ago)
Author:: /O=GRID-FR/C=FR/O=CNRS/OU=LAL/CN=Michel Jouvin
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

Doc/gLite/TemplateCustomization/General

-                      v15
+                      v16
 '''Note : don't change the name of the template, even if you change the name of the account used''' (else you'll need to modify standard templates requiring this user).
 == Accepted CAs ==
 There is one template defining the list of accepted CAs (called the ''CA trust policy''). A default trust policy, called the ''EGI core policy'', is distributed as part of the standard templates. If you need to adjust it or use another trust policy, produce a site template with the information about all the CAs you accept (generally a list of RPM) and define the variable `SECURITY_CA_TRUST_POLICY` to the name of this template.
+== Trusted CAs == #AcceptedCAs
+There is one template defining the list of trusted CAs (called the ''CA trust policy''). A default trust policy, called the ''EGI core policy'', is distributed as part of the standard templates. If you need to adjust it or use another trust policy, produce a site template with the information about all the CAs you accept (generally a list of RPM) and define the variable `SECURITY_CA_TRUST_POLICY` to the name of this template.
 If you want a trust policy example, look at the [source:templates/trunk/grid/glite-3.2/common/security/ca-policy-egi-core.tpl default policy]. If you need to update this template, refer to the standard [wiki:Development/Templates/Generated#TrustedCAsTemplate procedure] to do it.
+Trusted CAs are defined through a set of RPMs. The default template used to configure the RPM repository holding them is `repository/ca` : this template should be provided by the site as part of the site RPM repository templates. If you want to use another template to configure the repository holding the CA RPMS, you must define the variable `SECURITY_CA_RPM_REPOSITORY` to the name of the template to use. If there is no specific template for this (o you use another mean of configuring it), define this variable to `null`.
 == Globus ==