Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] TLS negotiation handshake errors

2009-04-08 20:13:11
Subject: Re: [Bacula-users] TLS negotiation handshake errors
From: Ryan Novosielski <novosirj AT umdnj DOT edu>
To: bacula-users AT lists.sourceforge DOT net
Date: Wed, 08 Apr 2009 19:09:15 -0400 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dan Langille wrote:
> baculalist AT encambio DOT com wrote:
>> Hello List,
> 
>> Bacula 2.4.4 and OpenSSL 0.9.8k on Solaris x86 11 (nv-b91),
>> everything is hand compiled but nothing special.
> 
>>   Director hostname back1.host.com: Solaris x86 11 (nv-b91)
>>   File daemon hostname back1.host.com: Solaris x86 11 (nv-b91)
> 
>>   Errors seen on the director:
>>   08-Apr 09:36 bacsrv-dir JobId 40: Start Backup JobId 40, 
>> Job=Debut.2009-04-08_09.36.52.03
>>   08-Apr 09:36 bacsrv-dir JobId 40: Using Device "FileStorage"
>>   08-Apr 09:37 bacsrv-dir JobId 0: Error: openssl.c:86 Connect failure: 
>> ERR=error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
>>   08-Apr 09:37 bacsrv-dir JobId 40: Fatal error: TLS negotiation failed with 
>> FD at "back1.host.com:9102".
> 
>> If I try:
> 
>>   back1$ /pfx/bin/openssl s_client -connect back1.host.com:9102
>>   CONNECTED(00000004)
>>   10511:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake 
>> failure:s23_lib.c:188:
> 
>> If I try:
> 
>>   back1# /pfx/bin/openssl s_server -accept 1080 -cert bacula-crt.pem -key 
>> bacula-key.pem -CAfile certauth.pem
>>   back1$ /pfx/bin/openssl s_client -connect back1.host.com:1080
> 
>> ...everything works and TLS negotiation succeeds without errors.
> 
>> By the way, an identical (same versions and config files) setup
>> with two other hosts Ubuntu 8.04 server AMD64 and OpenSUSE 11
>> AMD64 succeeds.
> 
>> My question is, 'have you seen this (SSL3_GET_RECORD:wrong version
>> number) or similar errors appearing in bacula? Any idea how to rid
>> the daemons of this problem?
> 
> I Googled. I found:
> 
> http://www.mail-archive.com/bacula-users AT lists.sourceforge DOT 
> net/msg04842.html
> 
> Does that help?

Having done this myself (and having had the good sense to Google it, I
might add ;)), I concur -- this is very likely the problem.

- --
 ---- _  _ _  _ ___  _  _  _
 |Y#| |  | |\/| |  \ |\ |  | |Ryan Novosielski - Systems Programmer II
 |$&| |__| |  | |__/ | \| _| |novosirj AT umdnj DOT edu - 973/972.0922 (2-0922)
 \__/ Univ. of Med. and Dent.|IST/CST - NJMS Medical Science Bldg - C630
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkndLpsACgkQmb+gadEcsb4v9QCgi3+Y2xdMGsjI4HOIubg+eCMC
bPgAn32yP23APNGb4R2EGFqvumYKJZot
=nNUO
-----END PGP SIGNATURE-----

Attachment: novosirj.vcf
Description: Vcard

------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] restore file in folder with accent, James Harper
Next by Date:  Re: [Bacula-users] make bat troubles in bacula 3.0.0, Dirk Bartley
Previous by Thread:  Re: [Bacula-users] TLS negotiation handshake errors, Dan Langille
Next by Thread:  Re: [Bacula-users] TLS negotiation handshake errors, baculalist
Indexes:  [Date] [Thread] [Top] [All Lists]