When I access https://oim.grid.iu.edu/, it prompts access denied. This site need public key, and private key. GOC has fixed the bug to authenticate our certificate. I merged public key and private key, and then import the merged file to brower. Now, it works.
The command to merge keys is as followed.
pkcs12 -export -clcerts -in usercert.pem -inkey userkey.pem -out openssl_hebing_zhxue.p12
You should pour your certificate into the "personal" section. When the browser goes to oim.grid.iu.edu, it prompts whether pouring oim certificate endorsed by DOE to your browser. Please pour it to Personal section.
openssl生成证书(包括去密码等)http://brucectl.javaeye.com/blog/455182
openssl实现证书的管理:http://www.infosecurity.org.cn/article/pki/certificate/23422.html
去掉密码:
去除key文件口令的命令:
openssl rsa -in server.key -out server.key
去除cert文件口令的命令:
https://www.openssl.org/docs/apps/rsa.html
To remove the pass phrase on an RSA private key: openssl rsa -in key.pem -out keyout.pem
remove cert:openssl x509 -in /home/kaichao/.globus/usercert.pem -subject -noout