Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] TLS problem

2010-03-24 14:16:17
Subject: Re: [Bacula-users] TLS problem
From: Zsolt Kozak <kozakzs AT gmail DOT com>
To: bacula-users AT lists.sourceforge DOT net
Date: Wed, 24 Mar 2010 19:14:13 +0100
Hi Hugh,

Thanks for the fast reply. I forgot to post my config. Here they are:

bacula-dir.conf:

Director {                            # define myself
    Name = bacula-dir
    DIRport = 9101                # where we listen for UA connections
    QueryFile = "/etc/bacula/scripts/query.sql"
    WorkingDirectory = "/var/lib/bacula"
    PidDirectory = "/var/run/bacula"
    Maximum Concurrent Jobs = 1
    Password = "secret"         # Console password
    Messages = Daemon
    DirAddress = 192.168.99.55

    TLS Enable              = yes
    TLS Require             = yes
    TLS Verify Peer         = yes
    TLS Allowed CN          = "192.168.99.55"
    TLS CA Certificate File = /etc/bacula/certs/CA.pem
    # This is a server certificate, used for incoming console connections.
    TLS Certificate         = /etc/bacula/certs/bacula-dir-tls-cert.pem
    TLS Key                 = /etc/bacula/certs/bacula-dir-tls-key.pem
}

bconsole.conf:

Director {
    Name                    = bacula-dir
    DIRport                 = 9101
    address                 = 192.168.99.55
    Password                = "secret"
    TLS Enable              = yes
    TLS Require             = yes
    TLS CA Certificate File = /etc/bacula/certs/CA.pem
    TLS Certificate         = /etc/bacula/certs/bacula-dir-tls-client-cert.pem
    TLS Key                 = /etc/bacula/certs/bacula-dir-tls-client-key.pem
}


I did read the article on devco.net. ;) That made me try the TLS from step by step, started with the communication between the director and the bconsole. :) Great documentation, but it did not helped me. :(

cheers,
Zsolt

On Wed, Mar 24, 2010 at 7:05 PM, Hugh Brown <hbrown AT chibi.ubc DOT ca> wrote:
Zsolt Kozak wrote:
> Do you have any idea what's wrong? It's interesting that the TLS-connection
> is OK on the server side, only the bconsole has problems with it....

Are you able to post the relevant parts of bacula-dir.conf and
bconsole.conf?  Seeing which certs are specified where might help.

Also: it's not specific to your problem, but have a look at:

       http://www.devco.net/pubwiki/Bacula/TLS/

It's the best documentation I found on Bacula and TLS.

Thanks,
Hugh

--
Hugh Brown, Systems Manager
The Centre for High-Throughput Biology
hbrown AT chibi.ubc DOT ca

------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Hard disk as backup media, Marcio Vogel Merlone dos Santos
Next by Date:  Re: [Bacula-users] Hard disk as backup media, Josh Fisher
Previous by Thread:  Re: [Bacula-users] TLS problem, Hugh Brown
Next by Thread:  Re: [Bacula-users] TLS problem, Hugh Brown
Indexes:  [Date] [Thread] [Top] [All Lists]