Re: [Bacula-users] bacula TLS help
2013-11-28 14:58:43
Hi Tim! Hi Iban!
TLS Verify Peer = <yes|no>
Verify peer certificate. Instructs server to request and verify the client's x509 certificate. Any client certificate signed by a known-CA will be accepted unless the TLS Allowed CN configuration directive is used, in which case the client certificate must correspond to the Allowed Common Name specified. This directive is valid only for a server and not in a client context.
bacula-sd.conf
Storage { # definition of myself ...
# Peer certificate is not required/requested -- peer validity
# is verified by the storage connection cookie provided to the
# File Daemon by the director.
TLS Verify Peer = no ... }
A time ago I configured a test environment with TLS and I remember using "TLS Verify Peer = no" because of the self-signed certificates.
I think you can use "TLS Verify Peer = yes" combined with:
TLS Allowed CN = <string list>
Common name attribute of allowed peer certificates. If this directive is specified, all server certificates will be verified against this list. This can be used to ensure that only the CA-approved Director may connect. This directive may be specified more than once.
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk _______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Iban Cabrillo
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Iban Cabrillo
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help,
Ana Emília M. Arruda <=
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Ana Emília M. Arruda
- Re: [Bacula-users] bacula TLS help, Iban Cabrillo
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Ana Emília M. Arruda
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Dimitri Maziuk
- Re: [Bacula-users] bacula TLS help, Tim Dunphy
- Re: [Bacula-users] bacula TLS help, Dimitri Maziuk
|
|
|