From f652d5ea0d8a6759c9325a97851cf2c3372b4134 Mon Sep 17 00:00:00 2001 From: Andre Sailer Date: Mon, 24 Jun 2024 15:13:49 +0200 Subject: [PATCH] fix(HTCondorCE): UseSSLSubmission: we can just use the proxy file for everything. --- .../Computing/HTCondorCEComputingElement.py | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py b/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py index e7f012bfaa3..92597fd14c2 100644 --- a/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py +++ b/src/DIRAC/Resources/Computing/HTCondorCEComputingElement.py @@ -250,18 +250,14 @@ def _executeCondorCommand(self, cmd, keepTokenFile=False): } if self.useSSLSubmission: - certFile = "/home/dirac/.globus/usercert.pem" - keyFile = "/home/dirac/.globus/userkey.pem" - if not (os.path.exists(certFile) and os.path.exists(keyFile)): - return S_ERROR( - "You want to use SSL Submission, but certificate and key are not present in /home/dirac/.globus/" - ) + # this is guaranteed by _prepareProxy above + proxyFile = os.environ.get("X509_USER_PROXY") if not (caFiles := getCAsLocation()): return S_ERROR("You want to use SSL Submission, but no CA files are present") htcEnv = { "_condor_SEC_CLIENT_AUTHENTICATION_METHODS": "SSL", - "_condor_AUTH_SSL_CLIENT_CERTFILE": certFile, - "_condor_AUTH_SSL_CLIENT_KEYFILE": keyFile, + "_condor_AUTH_SSL_CLIENT_CERTFILE": proxyFile, + "_condor_AUTH_SSL_CLIENT_KEYFILE": proxyFile, "_condor_AUTH_SSL_CLIENT_CADIR": caFiles, "_condor_AUTH_SSL_SERVER_CADIR": caFiles, "_condor_AUTH_SSL_USE_CLIENT_PROXY_ENV_VAR": "false",