>
> On Feb 1, 2015, at 11:00 AM, Tim Dunphy <bluethu...@gmail.com> wrote:
>
> I don't see web1.jokefire.com mentioned anywhere until this error. Why is
> that?
>
> Ok you caught me. Whoops! I was trying to obscure the real name of the
> domain. That is why.
Make sure the Address field in the Client resource in bacula-dir.conf is
web1.jokefire.com
Make sure the cert is for web1.jokefire.com
If not, that may be the problem.
>
> On Sun, Feb 1, 2015 at 10:41 AM, Dan Langille <d...@langille.org> wrote:
>
>> On Jan 31, 2015, at 9:27 PM, Tim Dunphy <bluethu...@gmail.com> wrote:
>>
>> Hey all,
>>
>> I'd like to change the hostname of one of my servers that uses bacula.
>>
>> So I generated some new certs after updating the hostname in /etc/hosts:
>>
>> [root@web1:/etc/bacula] #ls -l /etc/pki/tls/* | grep web1
>> -r-------- 1 root root 1956 Jan 31 20:34 web1.mydomain.com.crt
>> -r-------- 1 root root 3311 Jan 31 20:34 web1.mydomain.com.key
>>
>>
>> And updated the bacula-fd.conf file on the host:
>>
>> [root@web1:/etc/bacula] #cat bacula-fd.conf
>>
>> #
>>
>> # Default Bacula File Daemon Configuration file
>>
>> #
>>
>> # For Bacula release 5.2.13 (19 February 2013) -- redhat
>>
>> #
>>
>> # There is not much to change here except perhaps the
>>
>> # File daemon Name to
>>
>> #
>>
>>
>>
>> #
>>
>> # List Directors who are permitted to contact this File daemon
>>
>> #
>>
>> Director {
>>
>> Name = ops.mydomain.com
>>
>> Password = secret
>>
>> TLS Certificate = /etc/pki/tls/certs/web1.mydomain.com.crt
>>
>> TLS Key = /etc/pki/tls/private/web1.mydomain.com.key
>>
>> TLS CA Certificate File = /etc/pki/CA/certs/ca.crt
>>
>> TLS Enable = yes
>>
>> TLS Require = yes
>>
>> }
>>
>>
>>
>> #
>>
>> # "Global" File daemon configuration specifications
>>
>> #
>>
>> FileDaemon { # this is me
>>
>> Name = web1.mydomain.com
>>
>> FDport = 9102 # where we listen for the director
>>
>> WorkingDirectory = /var/bacula
>>
>> Pid Directory = /var/run
>>
>> Maximum Concurrent Jobs = 20
>>
>> TLS Certificate = /etc/pki/tls/certs/web1.mydomain.com.crt
>>
>> TLS Key = /etc/pki/tls/private/web1.mydomain.com.key
>>
>> TLS CA Certificate File = /etc/pki/CA/certs/ca.crt
>>
>> TLS Enable = yes
>>
>> TLS Require = yes
>>
>> }
>>
>>
>>
>> # Send all messages except skipped files back to Director
>>
>> Messages {
>>
>> Name = Standard
>>
>> director = cloud-dir = all, !skipped, !restored
>>
>> }
>>
>>
>>
>> Made sure hostname -f gives me the right response:
>>
>>
>>
>> [root@web1:/etc/bacula] #hostname -f
>>
>> web1.mydomain.com
>>
>> But when I go to restart bacula, something odd happens:
>>
>>
>>
>> [root@web1:/etc/bacula] #service bacula-fd restart
>>
>> Shutting down bacula-fd: [FAILED]
>>
>> Starting bacula-fd: 31-Jan 21:26 web1.mydomain.com: Fatal Error at
>> filed.c:381 because:
>>
>> Failed to initialize TLS context for File daemon "web1.jokefire.com" in
>> /etc/bacula/bacula-fd.conf.
>>
>>
>
> I don't see web1.jokefire.com mentioned anywhere until this error. Why is
> that?
>> 31-Jan 21:26 web1.mydomain.com: ERROR in filed.c:222 Please correct
>> configuration file: /etc/bacula/bacula-fd.conf
>>
>> [FAILED]
>>
>>
>>
>> I get a TLS error. Can someone please share their ideas on how to solve this?
>>
>>
>>
>> Thanks
>>
>> Tim
>>
>>
>>
>>
>>
>> --
>> GPG me!!
>>
>> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
>>
>> ------------------------------------------------------------------------------
>> Dive into the World of Parallel Programming. The Go Parallel Website,
>> sponsored by Intel and developed in partnership with Slashdot Media, is your
>> hub for all things parallel software development, from weekly thought
>> leadership blogs to news, videos, case studies, tutorials and more. Take a
>> look and join the conversation now.
>> http://goparallel.sourceforge.net/_______________________________________________
>> Bacula-users mailing list
>> Bacula-users@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bacula-users
>
> —
> Dan Langille
> http://langille.org/
>
>
>
>
>
>
>
>
> --
> GPG me!!
>
> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
>
—
Dan Langille
http://langille.org/
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
