Re: [Bacula-users] bacula TLS help

2013-12-02 Thread Radosław Korzeniewski
Hello, 2013/11/30 Tim Dunphy > [root@storage:/etc/bacula] #bconsole > > Connecting to Director storage.jokefire.com:9101 > > TLS negotiation failed > Director authorization problem. > Most likely the passwords do not agree. > If you are using TLS, there may have been a certificate validation err

Re: [Bacula-users] bacula TLS help

2013-11-30 Thread Dimitri Maziuk
On 2013-11-29 19:20, Tim Dunphy wrote: > On 2013-11-29 18:37, Tim Dunphy wrote: > ... (and unfortunately I feel like I'm spinning in circles) > > Maybe you should try a different circle, like try stunnel? > > > Not the worst idea I've heard. Or maybe sshuttle. Still would prefer to > w

Re: [Bacula-users] bacula TLS help

2013-11-29 Thread Tim Dunphy
> > On 2013-11-29 18:37, Tim Dunphy wrote: > ... (and unfortunately I feel like I'm spinning in circles) > > Maybe you should try a different circle, like try stunnel? > Not the worst idea I've heard. Or maybe sshuttle. Still would prefer to work out the Bacula approach, provided it doesn't cause

Re: [Bacula-users] bacula TLS help

2013-11-29 Thread Dimitri Maziuk
On 2013-11-29 18:37, Tim Dunphy wrote: ... (and unfortunately I feel like I'm spinning in circles) Maybe you should try a different circle, like try stunnel? Dima -- Rapidly troubleshoot problems before they affect you

Re: [Bacula-users] bacula TLS help

2013-11-28 Thread Ana Emília M . Arruda
Hi Tim! Hi Iban! Maybe the problem is in using "TLS Verify Peer = yes" with self-signed certificates. I found in http://www.bacula.org/manuals/en/concepts/concepts/Bacula_TLS_Communication.html : *TLS Verify Peer = *Verify peer certificate. Instructs server to request and verify the client's x50

Re: [Bacula-users] bacula TLS help

2013-11-28 Thread Tim Dunphy
Hi Iban, HI Tim, > I was pretty sure that the trouble was on the CN, could you tray to > create the cert without the email value?? > /emailAddress=bluethu...@gmail.com, > only CN=storage.jokefire.com. > > Have you check too that the

Re: [Bacula-users] bacula TLS help

2013-11-28 Thread Iban Cabrillo
HI Tim, I was pretty sure that the trouble was on the CN, could you tray to create the cert without the email value?? /emailAddress=bluethu...@gmail.com, only CN=storage.jokefire.com. Have you check too that these files: /etc/pki

Re: [Bacula-users] bacula TLS help

2013-11-27 Thread Tim Dunphy
Hello Iban! And thank you for your reply. > I have a similar configuration. I think that the problem is in the CN: > CN=storage.jokefire.com/emailAddress=bluethu...@gmail.com > > > please could you show the value for DirAddress = bacula.example.org > > in my case: > > DirAddress = bacula.ex

Re: [Bacula-users] bacula TLS help

2013-11-27 Thread Iban Cabrillo
Hi Tim, I have a similar configuration. I think that the proble is in the CN: CN=storage.jokefire.com/emailAddress=bluethu...@gmail.com please could you show the value for DirAddress = bacula.example.org in my case: DirAddress = bacula.example.org TLS Enable = yes TLS Require = yes T

[Bacula-users] bacula TLS help

2013-11-26 Thread Tim Dunphy
Hello all, I'm trying to add TLS encryption to my bacula setup. I've been following this guide which got me almost all of the way there: http://blog.earth-works.com/2013/08/03/configuring-bacula-to-use-tls-to-encrypt-connections/ I modified the following sections in my bacula-dir.conf fi