Hello Jörg, On 08.04.2018 at 05:34 wrote 'Jörg Woll' via bareos-users: > Until now BackupPC was used as a backup, but the partial restore takes place > on the client or as a single file in the web interface. Before encryption, we > do not even talk. As the status of our company changes, so does the security > policy. That's how I came to Bareos. > The installation is currently running very satisfactorily in the productive > test. Now we have set up a second server for testing. Background is secured > connection via TLS and encryption of the backups according to the Privacy > Policy. > And that's where it hooks up with me. There are a lot of configurations for > Bacula, some before the time of the fork to Bareos. I made the configuration > according to manual and have always the problem with the handshake when I go > to the bconsole. Not to mention the Faillogin on the Webui. Unfortunately, I > have to say, that I have not dealt with TLS until now, except for a few > certificates for websites. Most of it is done by SSH or via routing on the > firewall. Maybe someone has a manual after which you can understand something > so reasonable.
I guess, you are already aware of the documentation, see http://doc.bareos.org/master/html/bareos-manual-main-reference.html#DataEncryption The last time I configured this, I used the xca tool to create a local CA and the required certificates for the damoens. You have to export the certificates and keys in PEM format. Using the IP addresses is not an issue, as long as you use the "TLS Allowed CN" directives. This defines what systems (certificates) are permitted to access. The http://www.bacula-buch.de/ by Philipp Storz (one of the founders of Bareos) describes this in more detail. Unfortunately out of print, but still available on a couple of places. Last but not least: with bareos >= 18.2 (currently master) certificates are no longer required of encrypted connections. Instead Bareos will use TLS-PSK (Pre Shared Keys) by default to encrypt the traffic. No extra configuration required. regard, Jörg -- Jörg Steffens joerg.steff...@bareos.com Bareos GmbH & Co. KG Phone: +49 221 630693-91 http://www.bareos.com Fax: +49 221 630693-10 Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646 Komplementär: Bareos Verwaltungs-GmbH Geschäftsführer: S. Dühr, M. Außendorf, Jörg Steffens, P. Storz -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to bareos-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. For more options, visit https://groups.google.com/d/optout.