The JLab SciComp User Certificate Tool, jcert, manages the signed certificate that scientific computing programs use to verify a user's identity.  Be advised that the signed certificate is a credential that identifies a particular user and that anyone with access to it could ID-spoof the Scientific Computing programs and masquerade as you.

SWIF (the workflow system) and Jasmine (the mass storage manager) both require Jefferson Lab certificates for authentication. The certificate identifies the user to the system. Users generate their certificate by executing the following command on an ifarm host (ifarm2401 or ifarm2402):

jcert -create

Please be sure to enter your CUE password exactly. You can verify by having the tool echo the password you typed in with the following command:

jcert -create -jvm:-Djcert.echo.password=true

An expired certificate can be replaced with

jcert -replace

To check the status of your certificate, use

jcert -show

The certificate is stored in ~/.scicomp/keystore

 

Error messages that would indicate you need to replace or create a certificate:

ERROR NSS: client certificate not found: scicomp

 

Note: CUE level 2 systems do not mount CUE home directories. Certificate management must be performed on CUE level 1 (jlabl/ifarm) systems. Certificate will need to be copied to ~/.scicomp/keystore on the CUE level 2 systems (ie. some office linux desktop machines).