[Bacula-users] Please help me getting TLS!

Mon, 18 Sep 2006 11:24:38 -0700

Hi everone,

 

I’m trying to get TLS working.  I’m new at Bacula but I’m already backing up several Windows server and it works quite well.  I’d like to throw in some encryption.  In fact I need to throw in some encryption, because some people here aren’t too crazy for open source software and encrypting everything would just shut their mouth.  Ok, where do I begin…  I don’t know jack about TLS.  Just to mention, I used the RPMs to install bacula.

 

So here’s the steps I took so far.

 

As stated in the documentation, I made a certificate that way:

 

openssl req -new -x509 -nodes -out bacula.pem -keyout bacula.pem -days 3650
 
Now I was in my /etc/bacula directory on my CentOS 4.4 server when I issued the openssl command, so the path to bacula.pem is /etc/bacula/bacula.pem
 
 
 
Now I have to add some lines to to my config files.
 
I started the simpliest way possible, I add these lines:
 
TLS Enable = yes
TLS Require = yes
TLS Certificate = /etc/bacula/bacula.pem
TLS Key = /etc/bacula/bacula.pem
TLS CA Certificate File = /etc/bacula/bacula.pem
 
 


To the director part of bconsole.conf, to the
director and storage part of bacula-dir.conf, and to the director and storage
part of bacula-sd.conf.



 



 



Now the way I see it, I could connect to the
director thru bconsole in an encrypted manner and with ‘status storage’
see the status of the storage deamon, in an encrypted manner too.



 



Now as soon as I try to connect with bconsole, I get
this:



 



[EMAIL PROTECTED] bacula]#
bconsole



Connecting to Director
192.168.100.6:9101



18-Sep 14:06 bconsole:
Fatal error: bnet.c:502 TLS host certificate verification failed. Host
192.168.100.6 did not match presented certificate



TLS negotiation failed



Director authorization
problem.



Most likely the passwords
do not agree.



If you are using TLS,
there may have been a certificate validation error during the TLS handshake.



Please see
http://www.bacula.org/rel-manual/faq.html#AuthorizationErrors for help.



 



And this is where I’M
lost.  What’s wrong with my TLS setting?



 



Thanks



 



 



Yanik



 



 



 



-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users

Reply via email to