Re: [Bacula-users] TLS Question
2008-08-17 21:50:38
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sergio Gelato wrote:
> * Ryan Novosielski [2008-08-17 00:54:44 -0400]:
>> However, my question is about whether or not the CN's have to match the
>> DNS name. It appears as if they do.
>
> For server certificates, yes. For client certificates, no. The "TLS
> Allowed CN" configuration directive is meant to apply to client
> certificates.
One last question should fix me up -- which counts as a client? Just
bconsole, or some of the other connections as well?
>> In that case, though, it is curious
>> to me why some of the examples that Landon has in the manual have
>> Allowed CN = bacula AT example.whatever DOT com, since no host name will ever
>> have bacula@anything in it. Perhaps that was only for the console, which
>> maybe does not have this restriction. Not sure.
- --
---- _ _ _ _ ___ _ _ _
|Y#| | | |\/| | \ |\ | | |Ryan Novosielski - Systems Programmer II
|$&| |__| | | |__/ | \| _| |novosirj AT umdnj DOT edu - 973/972.0922 (2-0922)
\__/ Univ. of Med. and Dent.|IST/AST - NJMS Medical Science Bldg - C630
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIqNVlmb+gadEcsb4RAn80AKDEC3gtUtLRkHrelSPhzjmJIaONSgCgy8Vh
/HrZZaXoanc1ttUUgUWPNhQ=
=I3J1
-----END PGP SIGNATURE-----
novosirj.vcf
Description: Vcard
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Bacula-users] TLS Question, Ryan Novosielski
- Re: [Bacula-users] TLS Question, Franky Almonte
- Re: [Bacula-users] TLS Question, Ryan Novosielski
- Re: [Bacula-users] TLS Question, Franky Almonte
- Re: [Bacula-users] TLS Question, Sergio Gelato
- Re: [Bacula-users] TLS Question,
Ryan Novosielski <=
- Re: [Bacula-users] TLS Question, Franky Almonte
- Re: [Bacula-users] TLS Question, Sergio Gelato
- Re: [Bacula-users] TLS Question, Franky Almonte
- Re: [Bacula-users] TLS Question, Sergio Gelato
- Re: [Bacula-users] TLS Question, Dan Langille
- Re: [Bacula-users] TLS Question, Franky Almonte
- Re: [Bacula-users] TLS Question, Dan Langille
- Re: [Bacula-users] TLS Question, Franky Almonte
- Re: [Bacula-users] TLS Question, Dan Langille
- Re: [Bacula-users] TLS Question, Franky Almonte
|
|
|