How to create an x509 certificate based on the read-only authorization profile


By Robert Stober | October 15, 2012 | HPC cluster management, CMGUI, Linux Cluster Management, x509



Bright Cluster Manager takes away the complexity of managing Linux clusters. One such example is how using Bright's intuitve CMGUI you can easily provide read-only access to the cluster. This article shows how to create an x509 certificate based on the read-only authorization profile in five fast and easy steps.

Let's get started.

First, Take a look at the "Authorization" resource in the resource tree. Bright comes with a number of authorization profiles including a "Read Only" profile. Each of the check boxes within a profile corresponds to one Bright API call. Note that the Read Only profile has very few of them checked. A user authenticating with a certificate based on this profile will be authorized to see everything, but they won't be able to change anything.



Next, select the "Authentication" resource. You're going to create a new security x509 certificate based on the Read Only authorization profile. Press the "Add" button to open the "Add Certificate" dialog box. Fill in the form as shown below. Note that you'll need to have already created the underlying user account (in this case "rstober"). Press the "Add" button on the dialog box to add the certificate.


add cerificate request resized 600


Then, specify the path to the certificate file and provide the password. Bright will generate the certificate with the name and path you specify.

Press the "Save" button.


add cerificate request2 resized 600


The x509 certificate has been created and saved.

certificate saved resized 600


The last step is to provide the newly-created certificate to the user. He/she can now create a connection profile using it.

 connect using read only certificate resized 600


We're done.

High Performance Computing eBook