On Wednesday, June 11, 2025 2:34:23 AM CEST Dan Langille wrote: > On Thu, Jun 5, 2025, at 8:14 PM, Josip Deanovic via Bacula-users wrote: > > On Thursday, June 5, 2025 6:01:46 PM CEST Richard Laysell wrote: > >> Does this configuration look correct? Bacula doesn't complain about > >> the configuration so I think it is OK. > > > > Most of it. > > I am concerned about the option "TLS Authenticate = yes" you are using. > > > > Documentation states: > > "Please notice a very important feature of enabling TLS Authenticate to > > your daemons: if you enable the TLS authentication, the TLS encryption > > will be turned off and communication between the daemons will be done > > without Encryption." > > > > So, make sure that this is what you want. > > Here is the link to the documentation section for your Bacula version: > > > > https://www.bacula.org/15.0.x-manuals/en/main/ > > Bacula_TLS_Communications_E.html > > You prompted me to visit my own configuration to see if I was using "TLS > Authenticate = yes" anywhere. I found nothing. :)
You must have checked the documentation on the option but you forgot about it since then. This is what happened to me, so I learned about it again. :-) > You've brought up some very interesting traps. Thank you. To be honest, the name of that option is quite deceptive. I wouldn't expect that such option would enable/disable anything other than additional encryption during auth. phase. -- Josip Deanovic _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
