/[pdpsoft]/nl.nikhef.pdp.fetchcrl/trunk/README
ViewVC logotype

Annotation of /nl.nikhef.pdp.fetchcrl/trunk/README

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1878 - (hide annotations) (download)
Tue Aug 10 07:03:43 2010 UTC (11 years, 3 months ago) by davidg
Original Path: trunk/fetchcrl/README
File size: 4628 byte(s)
upgrade to RC4, see changelog

1 davidg 1758 ==============================================================================
2     fetch-crl - the Certificate Revocation List retrieval tool
3     ==============================================================================
4    
5     The fetch-crl utility will retrieve certificate revocation lists (CRLs) for
6     a set of installed trust anchors, based on crl_url files or IGTF-style info
7     files. It will install these for use with OpenSSL, NSS or third-party tools.
8    
9     For more extensive information about fetch-crl3, please look on the web at:
10    
11     http://www.nikhef.nl/grid/fetchcrl3
12    
13     USAGE
14     -----
15     Usage: fetch-crl [-c|--config configfile] [-l|--infodir path]
16     [--cadir path] [-s|--statedir path] [-o|--output path] [--format @formats]
17     [-T|--httptimeout seconds] [-p|--parallelism n]
18     [-a|--agingtolerance hours] [-r|--randomwait seconds]
19     [-v|--verbose] [-h|--help] [-q|--quiet] [-d|--debug level]
20    
21     Options:
22     -c | --config path
23 davidg 1878 Read configuration data from path, default: /etc/fetch-crl.conf
24 davidg 1758 -l | --infodir path
25     Location of the trust anchor meta-data files (crl_url or info),
26     default: /etc/grid-security/certificates
27     --cadir path
28     Location of the trust anchors (default to infodir)
29     -s | --statedir path
30     Location of the historic state data (for caching and delayed-warning)
31     -T | --httptimeout sec
32     Maximum time in seconds to wait for retrieval or a single URL
33     -o | --output path
34     Location of the CRLs written (global default, defaults to infodir
35     --format @formats
36     Format(s) in which the CRLs will be written (openssl, pem, der, nss)
37     -v | --verbose
38     Become more talkative
39     -q | --quiet
40     Become really quiet (overrides verbosity)
41     -p | --parallelism n
42     Run up to n parallel trust anchor retrieval processes
43     -a | --agingtolerance hours
44     Be quiet for up to hours hours before raising an error. Until
45     the tolerance has passed, only warnings are raised
46     -r | --randomwait seconds
47     Introduce a random delay of up to seconds seconds before starting
48     any retrieval processes
49     -h | --help
50     This help text
51    
52     CONFIGURATION
53     -------------
54     The fetch-crl3 tool has built-in defaults that are suitable for 'grid' setups,
55     where trust anchors are installed in /etc/grid-security/certificates. It will
56     usually do what you want, if you use OpenSSL-like applications.
57    
58     If you want, you can tune fetch-crl in a myriad of ways, by setting any of the
59     flags or options in the configuration file. This configuration file is looked
60 davidg 1878 for in "/etc/fetch-crl.conf" by default, but an alternative location can be
61 davidg 1758 specified with the "-c" command-line option.
62    
63     Please look at the web site or in the example configuration file for more
64     explanation of the various configuration settings.
65    
66    
67    
68     CONTRIBUTIONS AND ACKNOWLEDGEMENTS
69     ----------------------------------
70     Fetch-crl3 is a complete re-write of the utility, but of course owes to the
71     extensive experience and contributions made over time by the contributors to
72     fetch-crl 1.x and 2.x, and to the people that reported bugs and feature
73     requests.
74     The original fetch-crl was developed for the acclaimed EU DataGrid project by
75     Fabio Hernandez and many significant contributions were made by Steve Traylen.
76    
77     Fetch-crl3 was developed by David Groep, mainly for enjoyment, with the help
78     of large quantities of coffee and Spa Rood, and minimal quantities of sleep.
79    
80     This work is part of the research programme of the Dutch Foundation for
81     Fundamental Research on Matter (FOM), which is financially supported by the
82     Netherlands Organisation for Scientific Research (NWO).
83    
84     This work is part of the programme of BiG Grid, the Dutch e-Science Grid,
85     which is financially supported by the Nederlandse Organisatie voor
86     Wetenschappelijk Onderzoek (Netherlands Organisation for Scientific
87     Research, NWO).
88    
89     SUPPORT
90     -------
91     Please send suggestions, bugs and feature requests (and certainly patches)
92     to <fetch-crl-support@nikhef.nl>. Thanks a lot for your help!
93    
94     COPYRIGHT
95     ---------
96     Copyright 2010 David Goep
97     National Institute for Sub-Atomic Physics, FOM-Nikhef
98    
99     Licensed under the Apache License, Version 2.0 (the "License"); you may not
100     use these files except in compliance with the License. You may obtain a copy
101     of the License at
102    
103     http://www.apache.org/licenses/LICENSE-2.0
104    
105     Unless required by applicable law or agreed to in writing, software
106     distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
107     WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
108     License for the specific language governing permissions and limitations
109     under the License.
110    

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28