Proxy Certificates
You will need a valid VO CMS proxy certificate in order to be able to submit jobs via CMS Connect. If you don't have a valid grid CMS user certificate, follow Section 5.1 of the CMS Offline WorkBook.
- If you already have a valid VO CMS signed user grid certificate installed another remote machine like lxplus.cern.ch (usually in ~/.globus/{usercert.pem, userkey.pem}) you can simply copy them to the CMS Connect login machine. Just execute the following command from login-el7.uscms.org and enter the username and password to access that remote machine.
$ copy_certificates ================================================================================= This script checks if you have globus certificates or lets you copy them from another machine otherwise (default: lxplus.cern.ch) NOTE: New certificates need to be requested first. Follow this Twiki for that: https://twiki.cern.ch/twiki/bin/view/CMSPublic/WorkBookStartingGrid#ObtainingCert ================================================================================= Check for certificates in /home/yourusername/.globus ... Couldn't find any certificates. Copying certificates from another machine Note: This requires certificates to be under the standard $HOME/.globus location ... Enter hostname of machine to login: lxplus.cern.ch Enter username for lxplus.cern.ch: yourusername Warning: Permanently added the RSA host key for IP address '188.184.70.205' to the list of known hosts. Password: usercert.pem 100% 3526 3.4KB/s 00:00 userkey.pem 100% 2009 2.0KB/s 00:01 All Done... You can execute the following to initialize your proxy: voms-proxy-init -voms cms -valid 192:00
Once you have your certificates available on the submission machine, you will need to initialize the proxy with voms-proxy-init. If you don't initialize your proxy certificate by yourself, or the remaining lifetime of such certificate is short, you will be asked to type your GRID pass phrase to automatically renew your certificate while submitting your jobs.
$ condor_submit job_T2_US_Purdue.jdl Submitting job(s) Your voms proxy expires in 516228s. Please renew! Enter GRID pass phrase: Your identity: /DC=ch/DC=cern/OU=Organic Units/OU=Users/CN=khurtado/CN=764581/CN=Kenyi Paolo Hurtado Anampa Creating temporary proxy ......................................................................... Done Contacting voms2.cern.ch:15002 [/DC=ch/DC=cern/OU=computers/CN=voms2.cern.ch] "cms" Done Creating proxy .......................................................................................................... Done Your proxy is valid until Fri Nov 13 12:58:27 2015 .......... 10 job(s) submitted to cluster 1101.
Of course, you can also initialize your certificate by hand too. The usual command for getting your grid proxy working is:
voms-proxy-init --voms cms -valid 192:00
where -valid 192:00 is the number of hours your proxy will be alive.