-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Ben Walton @ 07/23/2011 02:01 PM: > Excerpts from scar's message of Sat Jul 23 15:56:53 -0400 2011: > >> i think what is confusing me the most is what to use for CN, but i >> am generally puzzled as to how to generate the certs properly in >> general. i've got TinyCA installed and i created a CA, what's next? > > Generally speaking, the CN field should be the fully qualified > hostname of your system. For a case where you're doing dir and sd on > the same system, you'd have two certs with the same CN value. > > I found the following guide useful in setting up a local CA: > http://www.g-loaded.eu/2005/11/10/be-your-own-ca/ >
i've followed this, and now i have created three certificates, one for the CA, myca.crt, and two for my local computers, home1.crt and home2.crt. and then i have the corresponding private keys also. so i've defined TLS all over the place, and restarted the services, no errors, and i'm trying to connect with bconsole from home1 to verify all the daemons can communicate. i get this error: Connecting to Director home1.local:9101 Failed to initialize TLS context for Director "home1-dir". this is what i have in home1.bacula-dir.conf: Director { Name = home1-dir DirAddress = home1.local ... TLS Enable = yes TLS Require = yes TLS Verify Peer = yes TLS CA Certificate File = /etc/bacula/myca.crt TLS Certificate = /etc/bacula/home1.crt TLS Key = /etc/bacula/home1.key } and this is what i put in home1.bconsole.conf: Director { Name = home1-dir Address = home1.local ... TLS Enable = yes TLS Require = yes TLS CA Certificate File = /etc/bacula/myca.crt TLS Certificate = /etc/bacula/home1.crt TLS Key = /etc/bacula/home1.key } -----BEGIN PGP SIGNATURE----- iEYEAREIAAYFAk4raXoACgkQXhfCJNu98qAUGwCgqeeUkT5yvKCOtOb6Q8xozaWC XR0An11p/RdhJDYxg1gFJpSUsz+hGVks =9pCE -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/ _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users