I see that there's mention of obtaining a certificate, but what CA does the certificate need to be signed by? The lack of this information suggests that the remote peer doesn't do certificate validation, and I hope that's not the case.
On a related note, what types of certificate signatures are supported? Is it just RSA or are ECDSA certificates supported as well?
I believe this Q is answered in the Globus docs here:
Does that answer your questions? (Looks like this is a newer version of the doc than the one we started this review with?)
That works, thanks!