Hey Heitor, Doing well thanks! I appreciate the help as always. So here's what I tried:
I added the directives you suggested to the director conf. From bacula-dir.conf: Director { # define myself Name = bacula1.example.com DIRport = 9101 # where we listen for UA connections QueryFile = "/etc/bacula/query.sql" WorkingDirectory = "/var/spool/bacula" PidDirectory = "/var/run" Maximum Concurrent Jobs = 1 Password = "Duk30fZh0u" # Console password Messages = Daemon TLS Certificate = /etc/pki/tls/certs/bacula1.example.com.crt TLS Key = /etc/pki/tls/private/bacula1.example.com.key TLS CA Certificate File = /etc/pki/CA/certs/ca.crt TLS Enable = yes TLS Require = yes TLS Verify Peer = no TLS Allowed CN = "bacula1.example.com" } And I made the TLS Allowed CN match the FQDN of the bacula1 host. And here's a better paste of my bconsole.conf: Director { Name = bacula1.example.com DIRport = 9101 address = bacula1.example.com Password = "secret" TLS Certificate = /etc/pki/tls/certs/bacula1.example.com.crt TLS Key = /etc/pki/tls/private/bacula1.example.com.key TLS CA Certificate File = /etc/pki/CA/certs/ca.crt TLS Enable = yes TLS Require = yes } I tried setting TLS Verify Peer = no and TLS Allowed CN = " bacula1.example.com" in the bconsole.conf, but those weren't valid there. And then I tried running bconsole in debug mode, and this is what I got: [root@bacula1:~] #bconsole -d100 -c /etc/bacula/bconsole.conf Connecting to Director bacula1.example.com:9101 bconsole: bsock.c:208-0 Current 52.5.117.61:9101 All 52.5.117.61:9101 bconsole: bsock.c:283-0 Could not connect to server Director daemon bacula1.example.com:9101. ERR=Interrupted system call bconsole: bsock.c:106-0 Unable to connect to Director daemon on bacula1.example.com:9101. ERR=Interrupted system call I'm definitely open to suggestion at this point! Thanks! Tim On Sun, Nov 8, 2015 at 10:24 AM, Heitor Faria <hei...@bacula.com.br> wrote: > Just in time: your certificate Complete Name (CN) that you are prompted > during its creation must match the TLS Allowed CN value. > =========================================================================== > Heitor Medrado de Faria - LPIC-III | ITIL-F | Bacula Systems Certified > Administrator II > Do you need Bacula training? http://bacula.us/video-classes/ > I do Bacula training and deploy in any city of the world. More > information: http://bacula.us/ > +55 61 <%2B55%2061%202021-8260>8268-4220 <%2B55%2061%208268-4220> > Site: http://bacula.us FB: heitor.faria > <http://www.facebook.com/heitor.faria> > =========================================================================== > > ------------------------------ > > *From: *"Heitor Faria" <hei...@bacula.com.br> > *To: *"Tim Dunphy" <bluethu...@gmail.com> > *Cc: *bacula-users@lists.sourceforge.net > *Sent: *Sunday, November 8, 2015 1:15:04 PM > *Subject: *Re: [Bacula-users] bconsole won't connect to director > > Hey guys, > > Hello Tim, how are you? > > I've had to rebuild my bacula server recently. And everything seemed to > go okay with the install, but for some reason the bconsole can't conect to > the director. > > This is all I see when I try: > > > [root@bacula1:~] #bconsole > > Connecting to Director bacula1.example.com:9101 > > > I tried running my bacula-director in debug mode to get an idea of what > the problem is, however it isn't providing any clues: > > In this case running bconsole in debug mode would be more fruitful. > > I made sure the bacula director definition matched the bconsole config. > From bacula-dir.conf: > > > Director { # define myself > > Name = bacula1.example.com > > DIRport = 9101 # where we listen for UA connections > > QueryFile = "/etc/bacula/query.sql" > > WorkingDirectory = "/var/spool/bacula" > > PidDirectory = "/var/run" > > Maximum Concurrent Jobs = 1 > > Password = "secret" # Console password > > Messages = Daemon > > TLS Certificate = /etc/pki/tls/certs/bacula1.example.com.crt > > TLS Key = /etc/pki/tls/private/bacula1.example.com.key > > TLS CA Certificate File = /etc/pki/CA/certs/ca.crt > > TLS Enable = yes > > TLS Require = yes > > } > > If you are using self-signed certificates it is very likely you would have > to use the following settings: > > TLS Verify Peer = no > TLS Allowed CN = "192.168.0.50" # Or name > > From bconsole.conf > > Director { > > Name = bacula1.example.com > > DIRport = 9101 > > address = bacula1.example.com > > Password = "secret" > > TLS Certificate = /etc/pki/tls/certs/bacula1.example.com.crt > > TLS Key = /etc/pki/tls/private/bacula1.example.com.key > > TLS CA Certificate File = /etc/pki/CA/certs/ca.crt > > TLS Enable = yes > > TL > > } > > I think TLS Require is miss copied here. > > Regards, > =========================================================================== > Heitor Medrado de Faria - LPIC-III | ITIL-F | Bacula Systems Certified > Administrator II > Do you need Bacula training? http://bacula.us/video-classes/ > I do Bacula training and deploy in any city of the world. More > information: http://bacula.us/ > +55 61 <%2B55%2061%202021-8260>8268-4220 <%2B55%2061%208268-4220> > Site: http://bacula.us FB: heitor.faria > <http://www.facebook.com/heitor.faria> > =========================================================================== > > > > > ------------------------------------------------------------------------------ > > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users > > > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
------------------------------------------------------------------------------
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users