In order to run the UNICORE Client software you will need the following:
a Java 2 Runtime Environment, version 1.4.2 or newer
a valid user certificate
a signer certificate of the Gateway certificate
Owning a valid user certificate which is actually a public key signed by a certificate authority implies that you also own the corresponding private key.
If you are member of several distinct UNICORE grids you will typically have more than one user certificate and signer certificate.
If you use extension software i.e. plug-ins that are not included in the distribution you need the signer certificate of the certificate which was used to sign the plugin. Often this will be identical to what you have already from the Gateway. Plug-ins have to be signed for security reasons, the signature will identify the provider of the software.
The UNICORE Client has been developed as Java 2 (version 1.4.2 or newer) code and is therefore highly portable. The client software has been successfully used on a variety of systems including Solaris, Windows (using Sun's Java Runtime Environment) and Linux.
UNICORE uses certificates for the simplified access to computing resources. There is no need for the user to remember all the login names and related passwords (which may follow complicated password policies) of the different sites where jobs will be run. At each UNICORE server site the user certificate is mapped to a corresponding login. Therefore it is sufficient for the UNICORE user to remember the password of a protected keystore file on the local desktop system where one or more private keys and corresponding certificates are stored.
The user certifcate is also used to establish a secure SSL connection to a UNICORE Gateway when submitting or querying jobs. Each request is signed with the user certificate which prevents modifications of the request during the transfer and identifies the consignor. To establish the SSL connection two certificates are needed in the Client: the user certificate is sent to the Gateway which replies with its own certificate. The Client trusts the Gateway certificate if it was signed by a trusted Certificate Authority. To check this the Client has to have the CA certificate of the Gateway's certificate also in its keystore file.
When running the UNICORE client software for the first time no certificates are issued yet. However the user is prompted whether access to the UNICORE TestGRID is wished. The corresponding certifcates are then generated automatically.
If you are new to the UNICORE software, but if you know of a site which runs a UNICORE server, you should contact the site's UNICORE administrator to get supported in the certification process. It might be that the site does issue own certificates for different purposes.
If you plan to setup the whole system (Client and Servers) by yourself, you also have to install some certification software (e.g. from www.openssl.org) or to access one of the commercial Certificate Authorities (which may be found by a search engine).
NB: The procedure to get a user certificate may be tedious. This is independent from the UNICORE software and depends only on the certification policy which the Usites have imposed. Because the certificate identifies the user, the process has at least the same quality as to apply for a user account. In Germany there is even a related law which imposes rules for the certification, i.e. the certification procedure has the quality of applying for an identity card. However, if you finally have received your user certificate the further installation process of the UNICORE Client should proceed seamlessly.