mirror of
https://github.com/moparisthebest/wget
synced 2024-07-03 16:38:41 -04:00
[svn] Document the SSL command-line options.
This commit is contained in:
parent
f97fe7bd3c
commit
369554bd74
@ -1,3 +1,7 @@
|
|||||||
|
2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
|
||||||
|
|
||||||
|
* wget.texi: Documented the SSL command-line options.
|
||||||
|
|
||||||
2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
|
2005-04-23 Hrvoje Niksic <hniksic@xemacs.org>
|
||||||
|
|
||||||
* wget.texi (Wgetrc Commands): Document ftp_passwd.
|
* wget.texi (Wgetrc Commands): Document ftp_passwd.
|
||||||
|
113
doc/wget.texi
113
doc/wget.texi
@ -260,6 +260,7 @@ the command line.
|
|||||||
* Download Options::
|
* Download Options::
|
||||||
* Directory Options::
|
* Directory Options::
|
||||||
* HTTP Options::
|
* HTTP Options::
|
||||||
|
* HTTPS (SSL/TLS) Options::
|
||||||
* FTP Options::
|
* FTP Options::
|
||||||
* Recursive Retrieval Options::
|
* Recursive Retrieval Options::
|
||||||
* Recursive Accept/Reject Options::
|
* Recursive Accept/Reject Options::
|
||||||
@ -1250,6 +1251,74 @@ wget --load-cookies cookies.txt \
|
|||||||
@end example
|
@end example
|
||||||
@end table
|
@end table
|
||||||
|
|
||||||
|
@node HTTPS (SSL/TLS) Options
|
||||||
|
@section HTTPS (SSL/TLS) Options
|
||||||
|
|
||||||
|
@cindex SSL
|
||||||
|
To support SSL-based HTTP (HTTPS) downloads, Wget must be compiled
|
||||||
|
with an external SSL library, currently OpenSSL. If Wget is compiled
|
||||||
|
without SSL support, none of these options are available.
|
||||||
|
|
||||||
|
@table @samp
|
||||||
|
@item --sslcertfile=@var{file}
|
||||||
|
Use the client certificate stored in @var{file}. This is needed for
|
||||||
|
servers that are configured to require certificates from the clients
|
||||||
|
that connect to them. Normally a certificate is not required and this
|
||||||
|
switch is optional.
|
||||||
|
|
||||||
|
@cindex SSL certificate
|
||||||
|
@item --sslcertkey=@var{keyfile}
|
||||||
|
Read the certificate key from @var{keyfile}.
|
||||||
|
|
||||||
|
@cindex SSL certificate authority
|
||||||
|
@item --sslcadir=@var{directory}
|
||||||
|
Specifies directory used for certificate authorities (``CA'').
|
||||||
|
|
||||||
|
@item --sslcafile=@var{file}
|
||||||
|
Use @var{file} as the file with the bundle of certificate authorities.
|
||||||
|
|
||||||
|
@cindex SSL certificate type, specify
|
||||||
|
@item --sslcerttype=0/1
|
||||||
|
Specify the type of the client certificate: 0 means @code{PEM}
|
||||||
|
(default), 1 means @code{ASN1} (@code{DER}).
|
||||||
|
|
||||||
|
@cindex SSL certificate, check
|
||||||
|
@item --sslcheckcert=0/1
|
||||||
|
If set to 1, check the server certificate against the specified client
|
||||||
|
authorities. If this is 0 (the default), Wget will break the SSL
|
||||||
|
handshake if the server certificate is not valid.
|
||||||
|
|
||||||
|
@cindex SSL protocol, choose
|
||||||
|
@item --sslprotocol=0-3
|
||||||
|
Choose the SSL protocol to be used. If 0 is specified (the default),
|
||||||
|
the OpenSSL library chooses the appropriate protocol automatically.
|
||||||
|
Specifying 1 forces the use of SSLv2, specifying 2 forces SSLv3, and
|
||||||
|
specifying 3 forces TLSv1.
|
||||||
|
|
||||||
|
In most cases the OpenSSL library is capable of making an intelligent
|
||||||
|
choice of the protocol, but there have been reports of sites that use
|
||||||
|
old (and presumably buggy) server libraries with which a protocol has
|
||||||
|
to be specified manually.
|
||||||
|
|
||||||
|
@cindex EGD
|
||||||
|
@item --egd-file=@var{file}
|
||||||
|
Use @var{file} as the EGD socket. EGD stands for @dfn{Entropy
|
||||||
|
Gathering Daemon}, a user-space program that collects data from
|
||||||
|
various unpredictable system sources and makes it available to other
|
||||||
|
programs that might need it. Encryption software, such as the SSL
|
||||||
|
library, needs sources of non-repeating randomness to seed the random
|
||||||
|
number generator used to produce cryptographically strong keys.
|
||||||
|
|
||||||
|
OpenSSL allows the user to specify his own source of entropy using the
|
||||||
|
@code{RAND_FILE} environment variable. If this variable is unset, or
|
||||||
|
if the specified file does not produce enough randomness, OpenSSL will
|
||||||
|
read random data from EGD socket specified using this option.
|
||||||
|
|
||||||
|
If this option is not specified (and the equivalent startup command is
|
||||||
|
not used), EGD is never contacted. EGD is not needed on modern Unix
|
||||||
|
systems that support @file{/dev/random}.
|
||||||
|
@end table
|
||||||
|
|
||||||
@node FTP Options
|
@node FTP Options
|
||||||
@section FTP Options
|
@section FTP Options
|
||||||
|
|
||||||
@ -2331,6 +2400,10 @@ the retrieval (50 by default).
|
|||||||
@item dot_spacing = @var{n}
|
@item dot_spacing = @var{n}
|
||||||
Specify the number of dots in a single cluster (10 by default).
|
Specify the number of dots in a single cluster (10 by default).
|
||||||
|
|
||||||
|
@item egd_file = @var{string}
|
||||||
|
Use @var{string} as the EGD socket file name. The same as
|
||||||
|
@samp{--egd-file}.
|
||||||
|
|
||||||
@item exclude_directories = @var{string}
|
@item exclude_directories = @var{string}
|
||||||
Specify a comma-separated list of directories you wish to exclude from
|
Specify a comma-separated list of directories you wish to exclude from
|
||||||
download---the same as @samp{-X} (@pxref{Directory-Based Limits}).
|
download---the same as @samp{-X} (@pxref{Directory-Based Limits}).
|
||||||
@ -2482,11 +2555,6 @@ Set proxy authentication user name to @var{string}, like @samp{--proxy-user}.
|
|||||||
@item proxy_passwd = @var{string}
|
@item proxy_passwd = @var{string}
|
||||||
Set proxy authentication password to @var{string}, like @samp{--proxy-passwd}.
|
Set proxy authentication password to @var{string}, like @samp{--proxy-passwd}.
|
||||||
|
|
||||||
@item referer = @var{string}
|
|
||||||
Set HTTP @samp{Referer:} header just like @samp{--referer}. (Note it
|
|
||||||
was the folks who wrote the @sc{http} spec who got the spelling of
|
|
||||||
``referrer'' wrong.)
|
|
||||||
|
|
||||||
@item quiet = on/off
|
@item quiet = on/off
|
||||||
Quiet mode---the same as @samp{-q}.
|
Quiet mode---the same as @samp{-q}.
|
||||||
|
|
||||||
@ -2508,6 +2576,11 @@ Recursion level---the same as @samp{-l}.
|
|||||||
@item recursive = on/off
|
@item recursive = on/off
|
||||||
Recursive on/off---the same as @samp{-r}.
|
Recursive on/off---the same as @samp{-r}.
|
||||||
|
|
||||||
|
@item referer = @var{string}
|
||||||
|
Set HTTP @samp{Referer:} header just like @samp{--referer}. (Note it
|
||||||
|
was the folks who wrote the @sc{http} spec who got the spelling of
|
||||||
|
``referrer'' wrong.)
|
||||||
|
|
||||||
@item relative_only = on/off
|
@item relative_only = on/off
|
||||||
Follow only relative links---the same as @samp{-L} (@pxref{Relative
|
Follow only relative links---the same as @samp{-L} (@pxref{Relative
|
||||||
Links}).
|
Links}).
|
||||||
@ -2538,6 +2611,36 @@ responses---the same as @samp{-S}.
|
|||||||
@item span_hosts = on/off
|
@item span_hosts = on/off
|
||||||
Same as @samp{-H}.
|
Same as @samp{-H}.
|
||||||
|
|
||||||
|
@item ssl_cert_file = @var{string}
|
||||||
|
Set the client certificate file name to @var{string}. The same as
|
||||||
|
@samp{--sslcertfile}.
|
||||||
|
|
||||||
|
@item ssl_cert_key = @var{string}
|
||||||
|
Set the certificate key file to @var{string}. The same as
|
||||||
|
@samp{--sslcertkey}.
|
||||||
|
|
||||||
|
@item ssl_ca_dir = @var{string}
|
||||||
|
Set the directory used for certificate authorities. The same as
|
||||||
|
@samp{--sslcadir}.
|
||||||
|
|
||||||
|
@item ssl_ca_file = @var{string}
|
||||||
|
Set the certificate authority bundle file to @var{string}. The same
|
||||||
|
as @samp{--sslcafile}.
|
||||||
|
|
||||||
|
@item ssl_cert_type = 0/1
|
||||||
|
Specify the type of the client certificate: 0 means @code{PEM}
|
||||||
|
(default), 1 means @code{ASN1} (@code{DER}). The same as
|
||||||
|
@samp{--sslcerttype}.
|
||||||
|
|
||||||
|
@item ssl_check_cert = 0/1
|
||||||
|
If this is set to 1, the server certificate is checked against the
|
||||||
|
specified client authorities. The same as @samp{--sslcheckcert}.
|
||||||
|
|
||||||
|
@item ssl_protocol = 0-3
|
||||||
|
Choose the SSL protocol to be used. 0 means choose automatically, 1
|
||||||
|
means force SSLv2, 2 means force SSLv3, and 3 means force TLSv1. The
|
||||||
|
same as @samp{--sslprotocol}.
|
||||||
|
|
||||||
@item strict_comments = on/off
|
@item strict_comments = on/off
|
||||||
Same as @samp{--strict-comments}.
|
Same as @samp{--strict-comments}.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user