Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Bacula-users] TLS FD Errors

2011-06-07 12:42:00
Subject: [Bacula-users] TLS FD Errors
From: Craig Van Tassle <cvantassle AT purdue DOT edu>
To: bacula-users AT lists.sourceforge DOT net
Date: Tue, 7 Jun 2011 12:39:31 -0400 
I'm trying to get TLS working between my Bacula Director and the FD. 
I have it working locally between the Director and the SD, but when I
try to connect to a remote FD it wont authenticate. In my FD logs I get
openssl.c:85-0 jcr=0 Connect failure: ERR=error:140890C7:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate

We are using all locally generated Certs and they are all signed by a
CA key that we distribute out to the work.

Here is my config, did I miss something?


Director {
  Name = example-dir
  Password = "XXXX"
  TLS Enable = yes
  TLS Require = Yes
  TLS Verify Peer = Yes
  TLS CA Certificate File = /etc/bacula/ssl/bacula_ca.crt
  TLS Certificate = /etc/bacula/ssl/bacula_fd.example.com.pem
  TLS Key = /etc/bacula/ssl/bacula_fd.example.com.key
}

#
# Restricted Director, used by tray-codestorm to get the
#   status of the file daemon
#
Director {
  Name = example-mon
  Password = "XXXX"
  Monitor = yes
}


#
# "Global" File daemon configuration specifications
#
FileDaemon {                          # this is me
  Name = example-fd
  WorkingDirectory = /var/lib/bacula
  Pid Directory = /var/run/bacula
  Maximum Concurrent Jobs = 20
  FDport = 9102                  # where we listen for the director
  FDaddress = ns1.hubzero.org
  TLS Enable = yes
  TLS Require = yes
  TLS CA Certificate File = /etc/bacula/ssl/bacula_ca.crt
  TLS Certificate = /etc/bacula/ssl/bacula_fd.example.com.pem
  TLS Key = /etc/bacula/ssl/bacula_fd.example.com.key
 
}

# Send all messages except skipped files back to Director
Messages {
  Name = Standard
  director = hubzero-dir = all, !skipped, !restored
}




-- 
Craig Van Tassle
HUBzero.org
System Administrator
YONG 1006
Desk Phone : (765)496-6413

------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Bacula-users] Director Control Protocol, Tim Gustafson
Next by Date:  Re: [Bacula-users] Director Control Protocol, John Drescher
Previous by Thread:  [Bacula-users] Director Control Protocol, Tim Gustafson
Next by Thread:  Re: [Bacula-users] TLS FD Errors, Radosław Korzeniewski
Indexes:  [Date] [Thread] [Top] [All Lists]