Provided by: gridsite-clients_3.0.0~20180202git2fdbc6f-3_amd64 bug

NAME
       htproxyput,  htproxydestroy,  htproxytime,  htproxyunixtime,  htproxyrenew  -  GSI  proxy delegations and
       querying, using GridSite/gLite delegation API


SYNOPSIS
       htproxyput, htproxydestroy, htproxytime, htproxyunixtime, htproxyrenew [options] Service-URL

       htproxyinfo [options]


DESCRIPTION
       htproxyput is a client to perform GSI proxy delegations using the GridSite/gLite delegation  Web  Service
       portType. The gridsite-delegation(8) CGI program is the complementary server-side implementation.

       htproxyinfo examines a local copy of a GSI proxy, and outputs a summary of its X.509 and VOMS contents.


OPTIONS
       -v/--verbose
              Turn on debugging information.

       --delegation-id <ID>
              Explicitly specify the Delegation ID to use.

       --destroy
              Instead  of  delegating  a  proxy,  delete  the  proxy from the service's proxy cache. Calling the
              program as htproxydestroy has the same effect.

       --time Instead of delegating a proxy, report the expiration time of the proxy, in the local time  of  the
              client. Calling the program as htproxytime has the same effect.

       --unixtime
              Instead  of  delegating a proxy, report the expiration time of the proxy, as the number of seconds
              since 00:00:00 1970-01-01 UTC. Calling the program as htproxyunixtime has the same effect.

       --renew
              Delegate an updated version of an existing proxy. The Delegation ID must be given when using  this
              option. Calling the program as htproxyrenew has the same effect.

       --info Examine  a local proxy file, and output a summary of the X.509 certificates and VOMS attributes it
              contains. Calling the program as htproxyinfo has the same effect.

       --cert <X.509 cert path>  and  --key <X.509 key path>
              Path to the PEM-encoded X.509 or GSI Proxy user certificate and key to use for HTTPS  connections,
              instead  of "anonymous mode." If only one of --key or --cert is given, then that will be tried for
              both. If neither is given, then the following order of precedence is used: the file name  held  by
              the variable X509_USER_PROXY; the file /tmp/x509up_uID (with Unix UID equal to ID); the file names
              held by X509_USER_CERT / X509_USER_KEY; the files ~/.globus/usercert.pem and ~/.globus/userkey.pem
              (where ~/ is the home directory of the user.)

       --capath <X.509 CA root certs directory or file>
              Path  to  the  PEM-encoded  CA  root  certificates  to  use  when  verifying  remote servers' host
              certificates in HTTPS connections. Ideally this should be a directory of hash.0 files as described
              in  the  OpenSSL verify(1) man page, but a file may be used instead. If --capath is not given, the
              value of the environment variable X509_CERT_DIR will  be  tried.   If  this  is  not  valid,  then
              /etc/grid-security/certificates will be used.

       --no-verify
              Do  not  use CA root certificates to verify remote servers' host certificates.  This is useful for
              testing sites before their certificate is set up properly, but leaves you vulnerable  to  "man  in
              the middle" attacks by hostile servers masquerading as your target.


FILES
       /tmp/x509up_uID
              Default GSI Proxy file for Unix UID equal to ID.

       /etc/grid-security/certificates
              Default location for trusted Certification Authority root certificates to use when checking server
              certificates.

       /tmp/.ca-roots-XXXXXX
              Prior to 7.9.8, the underlying curl library did not support the CA  root  certificates  directory.
              If  built  with  an old version of libcurl, htproxyput will concatenate the certificates in the CA
              roots directory into a unique temporary file and use that.


ENVIRONMENT
       X509_CERT_DIR
              Holds directory to search for Certification Authority  root  certificates  when  verifying  server
              certificates. (Tried if --capath is not given on the command line.)

       X509_USER_PROXY
              Holds file name of a GSI Proxy to use as user certificate. (Tried if --cert or --key are not given
              on the command line.)

       X509_USER_CERT and X509_USER_KEY
              Holds file name of X.509 user certificate and key. (Tried if X509_USER_PROXY is not valid.)


EXIT CODES
       0 is returned on complete success, and non-zero on error.


TO DO
       Better error recovery.


AUTHOR
       Andrew McNab <Andrew.McNab@manchester.ac.uk>

       htproxyput is part of GridSite: http://www.gridsite.org/


SEE ALSO
       htcp(1), gridsite-delegation(8)