globus-connect-server-setup does not update CILogon cert CRL files in GridFTP trusted certs directory. These CRL files get dropped down during the initial setup of an endpoint configured for CILogon activation, but subsequent executions of globus-connect-server-setup do not update the CRL files. When these files expire, endpoint user/admins encounter access errors complaining about the CRL files being expired that prevent endpoint access until the CRL files are removed or manually updated. Verified with GCS-4.0.46 on CentOS7. Also have ticket where behavior was observed with GCS-4.0.46 on CentOS6.
globus-connect-server-setup does not update CILogon cert CRL files in GridFTP trusted certs directory. These CRL files get dropped down during the initial setup of an endpoint configured for CILogon activation, but subsequent executions of globus-connect-server-setup do not update the CRL files. When these files expire, endpoint user/admins encounter access errors complaining about the CRL files being expired that prevent endpoint access until the CRL files are removed or manually updated. Verified with GCS-4.0.46 on CentOS7. Also have ticket where behavior was observed with GCS-4.0.46 on CentOS6.
See also ticket: https://globusonline.zendesk.com/agent/tickets/308852