Hi Landon,

Am 19.11.2012 18:16, schrieb Landon J Fuller:
> On Nov 10, 2012, at 10:10 AM, Felix Schwarz <felix.schwarz AT oss.schwarz DOT 
> eu> wrote:
> 
>> Somehow my console can't query the SD status. If I start the sd with '-d100' 
>> I
>> only see this output:
>> SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate returned
>> authenticate.c:190-0 Unable to authenticate Director at client.
> 
> This means that the SD was expecting a client certificate to be provided by 
> the console, but the console is not providing a certificate ("no certificate 
> returned"). I believe you can disable this by turning TLS Verify Peer off, if 
> you just want to use password authentication. Otherwise, make sure you have a 
> TLS Certificate and TLS Key specified in your console configuration.

Indeed the problem was that my certificate was only a 'server' certificate
(which is what you get from most public CAs) and at that time I missed the
exact flow of communication from bconsole -> director -> sd.

Now I can see that 'SSL3_GET_CLIENT_CERTIFICATE' somehow contains a hint but
still the error messages could be way better (but I guess that's because of
OpenSSL's really limited API).

fs


------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
Pricing starts from $795 for 25 servers or applications!
http://p.sf.net/sfu/zoho_dev2dev_nov
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users