How to make Gfac Secure?

Out of the box, Gfac uses a default key distributed in public. Therefore, this does not give you any security. If you just need to try out GFac, this should be fine. However, if you need to deploy a production stack, you should replace the default key with a new key. You can use Open SSL to create your own private key and a certificate. Then you should export the private key in a .pem file and change ssl.hostcertsKeyFile property in factory.properties and gfac.properties files.
How to do a remote installation?

A remote Gfac installation is enabled by configuring SSH or Globus toolkit in Gfac. Look at the associated FAQ entries for more information. You should follow the list given below.
- Remove the installation=local entry from the factory.properties file.
- Configure SSH/ Globus tool kit
- Edit registryUrl property in factory.properties, if Xregistry is not in same host as the factory.
- Unzip the smapgen.war and edit registryUrl and factoryUrl properties in gfac.properties file.
How to configure Gfac to use Globus tool kit?

Before configure a Gfac to use Globus tool kit, you need to have following pre-requisites.
Gfac is configured to use the credentials by defining myproxyUserName, myproxyPasswd and myproxyServer parameters in the factory.properties file. The settings are automatically transferred to application services.
How to configure Gfac to use SSH?
1. Set up SSH keys in every service host, application host or hosts where data products are stored.
2. SSH is configured by defining gfac.ssh.username, gfac.ssh.password, gfac.ssh.keyFileName , gfac.ssh.knownHostsFileName in factory.properties file.
3. Set the ssh enabled flag in every host description document.
4. Define filetransferService=SSH and gfac.prefferedProvider=SSH properties in factory.properties file
5. Define filetransferService=SSH and gfac.prefferedProvider=SSH properties in factory.properties file
How to make portlets work with a different gridsphere version than 2.2?
1. Unzip the gfac.war $unzip gfac.war
2. Replace gridsphere-ui-tags-*.jar in smapgen/WEB-INF/lib with the gridsphere-ui-tags-*.jar in your gridsphere installation
3. Deploy the war file, delete expanded smapgen directory in webapps directory of tomcat, and restart the gridsphere.
How to configure the Factory and application services?

Edit the factory.properties file in Gfac home, and restart the factory. New services will have new properties.
How to configure the Gfac portlet?

Unpack the smapgen.war file, and edit the WEB-INF/classes/gfac.properties file. Deploy the war file, delete expanded smapgen directory in webapps directory of tomcat, and restart the gridsphere.
Clients received Unknown CA try to connect to Xregistry, Factory service or application services. How to fix this?

If this happens you should make sure, the trusted_ca.pem file includes CA that signed client's credentials.

How to make Gfac Secure?

How to do a remote installation?

How to configure Gfac to use Globus tool kit?

How to configure Gfac to use SSH?

How to make portlets work with a different gridsphere version than 2.2?

How to configure the Factory and application services?

How to configure the Gfac portlet?

Clients received Unknown CA try to connect to Xregistry, Factory service or application services. How to fix this?