Difference between revisions of "Accessing Swestore with cURL"

From SNIC Documentation
Jump to: navigation, search
(Swestore documentation moved)
(Tag: New redirect)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[Category:Swestore]]
+
#REDIRECT[[Swestore Documentation Moved]]
[[Category:Swestore user guide]]
 
[[Swestore|< Swestore]]
 
 
 
 
 
This guide outlines the procedure for using cURL to access files through the WebDav door of dCache.
 
 
 
== Essential parameters ==
 
 
 
--capath /etc/grid-security/certificates
 
The certificate bundle provided through --capath is required in order for cURL to accept the server certificates the door presents. If the certificate bundle is not available, the -k flag may be passed to allow untrusted server certificates.
 
 
 
--cert /tmp/x509up_u1234
 
--cert (or -E) names the proxy certificate generated by arcproxy or similar tools, which is a single PEM file consisting of the client certificate, the proxy key and the proxy certificate. The name will vary based on the user issuing it.
 
grid-proxy-init (and thus arcproxy) will put the certificate in /tmp by default and name it according to the pattern x509up_u<NumericUID>. The -out parameter to grid-proxy-init takes a location to store the certificate in if the default is not sufficient.
 
 
 
--location
 
--location (or -L) instructs cURL to follow HTTP redirects, in this case the 302 redirects that the dCache door uses to direct clients to different storage nodes.
 
 
 
== Required parameters ==
 
 
 
--tls or -1
 
Since sslv3 Version is disabled on servers due to POODLE: SSLv3 vulnerability (CVE-2014-3566) but some of the cURL Versions are trying to connect to SSLv3 instead of TLS and failing to connect to with an error along the lines of <tt>curl: (35) Unknown SSL protocol error in connection to ...</tt>.So this parameter is recommended to be used with cURL till the problem is solved.
 
 
 
Ex:- curl --tls --location --capath /etc/grid-security/certificates
 
 
 
== Sample invocations ==
 
 
 
Downloads the file 'file-to-download.ext':
 
curl --location --capath /etc/grid-security/certificates --cert /tmp/x509up_u1234 -O https://webdav.swegrid.se/target/path/file-to-download.ext
 
 
 
Upload the file 'source.file' as 'uploaded.ext':
 
curl --location --capath /etc/grid-security/certificates --cert /tmp/x509up_u1234 -T ~/source.file https://webdav.swegrid.se/target/path/uploaded.ext
 
 
 
= Credits =
 
 
 
This guide was written by Lars Viklund
 

Latest revision as of 09:54, 8 February 2023