Re: [Bacula-users] bacula TLS help
2013-11-28 14:10:04
Hi Iban, Have you check too that these files:
/etc/pki/tls/certs/storage.jokefire.com.crt /etc/pki/tls/private/storage.jokefire.com.key
belongs to bacula user ?
I was able to recreate the cert without the email address and ensure that the files were owned by the bacula user:
[root@storage:~/bacula-certs-new] #ls -l /etc/pki/tls/certs/storage.jokefire.com.crt /etc/pki/tls/private/storage.jokefire.com.key /etc/pki/CA/certs/rootBaculaCA.pem -rw-r--r-- 1 bacula bacula 1521 Nov 28 13:53 /etc/pki/CA/certs/rootBaculaCA.pem
-rw-r--r-- 1 bacula bacula 1224 Nov 28 13:54 /etc/pki/tls/certs/storage.jokefire.com.crt -rw-r--r-- 1 bacula bacula 1675 Nov 28 13:54 /etc/pki/tls/private/storage.jokefire.com.key You have mail in /var/spool/mail/root
And this is what the Subject line of the key file looks like now: openssl x509 -in /etc/pki/tls/certs/storage.j okefire.com.crt -noout -text Subject: C=US, ST=XX, L=XX, O=XX, OU=XX, CN=storage.jokef
ire.comOnce again all services bounce cleanly. However when I go into bconsole this is what I find: [root@storage:~/bacula-certs-new] #bconsole Connecting to Director storage.jokefire.com:9101
28-Nov 14:04 bconsole JobId 0: Error: tls.c:92 Error with certificate at depth: 0, issuer = /C=US/ST=XX/L=XX/O=XX/OU=XX/CN= storage.jokefire.com, subject = /C=US/ST=XX/L=XX/O=XX/OU=XX/CN= storage.jokefire.com, ERR=18:self signed certificate
TLS negotiation failed Director authorization problem. Most likely the passwords do not agree. If you are using TLS, there may have been a certificate validation error during the TLS handshake. Please see http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION00260000000000000000 for help.
Passwords have not been changed from the working configs, which have been in place and working for several months now. Any further thoughts? Many thanks and I hope you are enjoying your holiday!
Tim
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk _______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Iban Cabrillo
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Iban Cabrillo
- Re: [Bacula-users] bacula TLS help,
Tim Dunphy <=
- Re: [Bacula-users] bacula TLS help, Ana Emília M. Arruda
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Ana Emília M. Arruda
- Re: [Bacula-users] bacula TLS help, Iban Cabrillo
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Ana Emília M. Arruda
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Dimitri Maziuk
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Dimitri Maziuk
|
|
|