Hi Landon,
Am 19.11.2012 18:16, schrieb Landon J Fuller:
> On Nov 10, 2012, at 10:10 AM, Felix Schwarz <felix.schwarz AT oss.schwarz DOT
> eu> wrote:
>
>> Somehow my console can't query the SD status. If I start the sd with '-d100'
>> I
>> only see this output:
>> SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
>> authenticate.c:190-0 Unable to authenticate Director at client.
>
> This means that the SD was expecting a client certificate to be provided by
> the console, but the console is not providing a certificate ("no certificate
> returned"). I believe you can disable this by turning TLS Verify Peer off, if
> you just want to use password authentication. Otherwise, make sure you have a
> TLS Certificate and TLS Key specified in your console configuration.
Indeed the problem was that my certificate was only a 'server' certificate
(which is what you get from most public CAs) and at that time I missed the
exact flow of communication from bconsole -> director -> sd.
Now I can see that 'SSL3_GET_CLIENT_CERTIFICATE' somehow contains a hint but
still the error messages could be way better (but I guess that's because of
OpenSSL's really limited API).
fs
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|