Obtain Host Credentials
In order to run services securely over https, you must run a secure container. Running a secure container requires container credentials or a host certificate and corresponding private key. For the purposes of this tutorial we will obtain host credentials from Dorian, we have provided a Dorian instance which will allow any individual taking this tutorial to obtain host credentials. It is important to note that these credentials are for testing purposes and should not be used in a production environment. The GAARDS UI provides the ability to create and host credentials. To obtain host credentials complete the following steps:
- Launch the GAARDS UI if it is not already running
- If you have yet to do so Logon to the Grid
- From the MyAccount menu select Request Host Certificate, this will launch the Request Host Certificate window.
- From the Service drop down select Training.
- In the Host text box, enter the name of the host you are running this tutorial on.
 | In phase 1 of this tutorial, we used localhost as the hostname. Do not use localhost here, as in a later step we will request host credentials, and cannot request host credentials for host "localhost". This is because Dorian has a built-in security mechanism to not issue credentials when a prior user has requested credentials for that host (e.g., someone has probably requested credentials for localhost already, and we can't request credentials for the host again). Please enter your actual hostname. |
- Leave the default value for the write credentials. By default, the caGrid installer configures Tomcat to use that directory to read your credentials from.
- Click the Request Certificate button.
Immediately after clicking the Request Certificate button, the UI will submit the host certificate request to Dorian. Upon receiving the request Dorian will immediately approve the request and the host credentials (certificate and private key) will be written to the directory specified. The file containing the certificate will be named THE_HOSTNAME_YOU_ENTERED-cert.pem, the file containing the private key will be named THE_HOSTNAME_YOU_ENTERED-key.pem.
Administration
