|
|
(One intermediate revision by the same user not shown) |
Line 1: |
Line 1: |
− | [[Category:Swestore]] | + | #REDIRECT[[Swestore Documentation Moved]] |
− | [[Category:Swestore user guide]]
| |
− | [[Swestore|< Swestore]]
| |
− | | |
− | | |
− | This guide outlines the procedure for using cURL to access files through the WebDav door of dCache.
| |
− | | |
− | == Essential parameters ==
| |
− | | |
− | --capath /etc/grid-security/certificates
| |
− | The certificate bundle provided through --capath is required in order for cURL to accept the server certificates the door presents. If the certificate bundle is not available, the -k flag may be passed to allow untrusted server certificates.
| |
− | | |
− | --cert /tmp/x509up_u1234
| |
− | --cert (or -E) names the proxy certificate generated by arcproxy or similar tools, which is a single PEM file consisting of the client certificate, the proxy key and the proxy certificate. The name will vary based on the user issuing it.
| |
− | grid-proxy-init (and thus arcproxy) will put the certificate in /tmp by default and name it according to the pattern x509up_u<NumericUID>. The -out parameter to grid-proxy-init takes a location to store the certificate in if the default is not sufficient.
| |
− | | |
− | --location
| |
− | --location (or -L) instructs cURL to follow HTTP redirects, in this case the 302 redirects that the dCache door uses to direct clients to different storage nodes.
| |
− | | |
− | == Required parameters ==
| |
− | | |
− | --tls or -1
| |
− | Since sslv3 Version is disabled on servers due to POODLE: SSLv3 vulnerability (CVE-2014-3566) but some of the cURL Versions are trying to connect to SSLv3 instead of TLS and failing to connect to with an error along the lines of <tt>curl: (35) Unknown SSL protocol error in connection to ...</tt>.So this parameter is recommended to be used with cURL till the problem is solved.
| |
− | | |
− | Ex:- curl --tls --location --capath /etc/grid-security/certificates
| |
− | | |
− | == Sample invocations ==
| |
− | | |
− | Downloads the file 'file-to-download.ext':
| |
− | curl --location --capath /etc/grid-security/certificates --cert /tmp/x509up_u1234 -O https://webdav.swegrid.se/target/path/file-to-download.ext
| |
− | | |
− | Upload the file 'source.file' as 'uploaded.ext':
| |
− | curl --location --capath /etc/grid-security/certificates --cert /tmp/x509up_u1234 -T ~/source.file https://webdav.swegrid.se/target/path/uploaded.ext
| |
− | | |
− | = Credits =
| |
− | | |
− | This guide was written by Lars Viklund
| |