Overview of using certificates at Fermilab
The typical user who just needs a certificate to access protected webpages or run grid jobs doesn't need this extra information. But Fermilab has lots of non-typical users!
About the OSG PKI Certificate Authority
A certificate tied to your affiliation with an OSG Virtual Organization or a DOE lab is issued by the OSG CA. Fermilab computer services that require public key certificates but that are open to a wider audience than just Fermilab people typically recognize the OSG CA. In addition, an OSG certificate can be used for OSG grid computing and may be used to digitally sign outgoing email.
OSG also issues host/service certificates.
- OSG certificates are based on PKI and are in X.509 format.
- OSG certificates are available to people associated with OSG projects and DOE laboratories.
- OSG authenticates based on a VO affiliation and your sponsor's knowledge of your identity, obtained from having met you in person.
- OSG CA issues both personal and host/service certificates.
- An OSG personal certificate lasts one year.