Author: Radosaw Korzeniewski <radoslaw AT korzeniewski DOT net>
Date: Mon, 2 Dec 2013 22:34:29 +0100
Hello, 2013/11/30 Tim Dunphy <bluethundr AT gmail DOT com> [root@storage:/etc/bacula] #bconsole Connecting to Director storage.jokefire.com:9101 TLS negotiation failed Director authorization problem.
Hello Ana/All, I have some progress to report. Last night I was able to follow the steps that were provided by Ana to recreate the certs. That got me as far as logging into bconsole: [root@ops:~] #b
Author: Ana Emília M. Arruda <emiliaarruda AT gmail DOT com>
Date: Sat, 7 Dec 2013 10:55:09 -0200
Hi Tim! Have you configured storage daemon with TLS? In bacula-dir.conf, you also need to configure storage with TLS in the same way you did for the filedaemon: Storage { Name = File Address = ops.jo
Hi Ana, Thanks for that advice. Here's the storage section from my bacula-dir.conf Storage { Name = File Address = ops.jokefire.com # N.B. Use a fully qualified name here SDPort = 9103 Password = "s
Author: Ana Emília M. Arruda <emiliaarruda AT gmail DOT com>
Date: Sun, 8 Dec 2013 12:56:41 -0200
Address = ops.jokefire.com # N.B. Use a fully qualified name here SDPort = 9103 Password = "secret" Device = FileStorage Media Type = File TLS Certificate = /etc/pki/tls/certs/ops.jokefire.com.crt TL
Hello again Ana and All, I've one last hurdle to cross before getting this to work entirely for the remote clients. Again, the localhost is backing up and restoring successfully. Tho I can bounce all
Author: Ana Emília M. Arruda <emiliaarruda AT gmail DOT com>
Date: Fri, 13 Dec 2013 12:59:13 -0200
Tho I can bounce all bacula services on both the server and remote client, and enter the bacula console (bconsole) But when I do a st client this is what I see: [root@ops:~/bacula-certs] #bconsole Co
Hi again, Ana! It seems that there is something wrong with the client´s certificate (beta.jokefire.com). Did you verified it? Can you post the result of a "show certificate" command? openssl x509 -in
Hey Ana, You´re welcome :) I think the certificate is OK. But I found one thing that you used in different ways on both clients: TLS Certificate = /etc/pki/tls/certs/ops.jokefire.com.crt TLS Certific
Hello Ana, Yes! This worked! I am now finally backing up the localhost and remote client with TLS. Using the method you describe here. I wanted to follow up with the list so that everyone can benefit
Hello all, I'm trying to add TLS encryption to my bacula setup. I've been following this guide which got me almost all of the way there: http://blog.earth-works.com/2013/08/03/configuring-bacul
Author: Iban Cabrillo <cabrillo AT ifca.unican DOT es>
Date: Wed, 27 Nov 2013 13:50:56 +0100
Hi Tim, I have a similar configuration. I think that the proble is in the CN: CN=storage.jokefire.com/emailAddress=bluethundr AT gmail DOT com please could you show the value for DirAddress = ba
Hello Iban! And thank you for your reply. I have a similar configuration. I think that the problem is in the CN: CN=storage.jokefire.com/emailAddress=bluethundr AT gmail DOT com please could you
Author: Iban Cabrillo <cabrillo AT ifca.unican DOT es>
Date: Thu, 28 Nov 2013 12:35:54 +0100
HI Tim, I was pretty sure that the trouble was on the CN, could you tray to create the cert without the email value?? /emailAddress=bluethundr AT gmail DOT com, only CN=storage.jokefire.com. Have
Hi Iban, HI Tim, I was pretty sure that the trouble was on the CN, could you tray to create the cert without the email value?? /emailAddress=bluethundr AT gmail DOT com, only CN=storage.jokefire.c
Author: Ana Emília M. Arruda <emiliaarruda AT gmail DOT com>
Date: Thu, 28 Nov 2013 17:55:04 -0200
Hi Tim! Hi Iban! Maybe the problem is in using "TLS Verify Peer = yes" with self-signed certificates. I found in http://www.bacula.org/manuals/en/concepts/concepts/Bacula_TLS_Communication.html: TLS
Hello Ana, Nice to meet you and thank you for your input as well. Well I tried your suggestion and unfortunately I haven't had any more luck than with Iban's. Here, for reference, are my TLS config
Author: Ana Emília M. Arruda <emiliaarruda AT gmail DOT com>
Date: Fri, 29 Nov 2013 16:45:06 -0200
Hi Tim, Nice to meet you too and you´re welcome :) You are having problem in TLS communication between bconsole and director. I suggest you to remove all the other TLS configuration (client, storage)
Author: Iban Cabrillo <cabrillo AT ifca.unican DOT es>
Date: Fri, 29 Nov 2013 20:41:01 +0100
Hi Tim, Ana, I do not know which is you bacula version, but in the bconsole configuration file , i have the address value pointing to "directors machine name": Director { Name = localhost-dir
Hello Ana and Iban, Nice to meet you too and you´re welcome :) Thanks! :) You are having problem in TLS communication between bconsole and director. I suggest you to remove all the other TLS config