On Mar 9, 2006, at 3:52 AM, Andreas Aronsson wrote:
I really think I got it working now! When I am comparing with the instructions given here: http://www.bacula.org/rel-manual/Bacula_TLS.html The difference in my conf is: bacula-fd.conf; add # "Global" File daemon configuration specifications # FileDaemon { # this is me Name = xxxxx-fd ..... TLS Enable = yes ( along with a root cert, cert and key ) bacula-dir.conf; add # Client (File Services) to backup Client { Name = xxxxx-fd ..... TLS Enable = yes ( along with a root cert, cert and key ) The directive TLS Allowed CN = "xxxxx.xxxxx.xxxx" I have yet to see have an effect. Makes no difference if I remove it.What I have done is to log on with bconsole in between changes and issued a 'run' to start the job. If I remove the added directives it stops working again ( after restarting the service of course ) with a " Fatal error: Authorization problem: Remote server requires TLS." message at the end.Remains to see if the nightly run is ok. Again, many thanks to Dan Langille! Should I suggest these changes to the manual to someone perhaps? rgds
Could you send me your full set of configuration files as attachments? I'm having a lot of trouble following your configuration snipped and inlined in your e-mails. Also, have you tried watching the connections using tcpdump or ethereal to ensure that they really are encrypted?
-landonf
PGP.sig
Description: This is a digitally signed message part
