Re: [Bacula-users] TLS using certs with X509v3 extensions

If anyone is using X509v3 extensions with copy jobs, I'm keenly interested in the certs you are using. See below. On Thu, Sep 14, 2023, at 2:39 PM, Dan Langille wrote: > On Thu, Sep 14, 2023, at 2:33 PM, Martin Simmons wrote: >>> On Tue, 12 Sep 2023 08:41:42 -0400, Dan Langille said: >>>

Re: [Bacula-users] TLS using certs with X509v3 extensions

On Thu, Sep 14, 2023, at 2:33 PM, Martin Simmons wrote: >> On Tue, 12 Sep 2023 08:41:42 -0400, Dan Langille said: >> >> > >> >> >> >> I ask because yesterday I started running some copy jobs. The cert used >> >> by bacula-sd was acceptable for receiving backups. It was not acceptable >>

Re: [Bacula-users] TLS using certs with X509v3 extensions

> On Tue, 12 Sep 2023 08:41:42 -0400, Dan Langille said: > > > > >> > >> I ask because yesterday I started running some copy jobs. The cert used by > >> bacula-sd was acceptable for receiving backups. It was not acceptable for > >> copy jobs. > >> > >> 09-Sep 10:19 bacula-sd-04 JobId

Re: [Bacula-users] TLS using certs with X509v3 extensions

On Tue, Sep 12, 2023, at 6:23 AM, Vanush "Misha" Paturyan wrote: > On Mon, 11 Sept 2023 at 20:19, Dan Langille wrote: >> >> Yes, I think it's SSL erroring out, I agree with your theory. >> >> Which means: what Key Usage needs to be included for each of: >> >> * bacula-fd >> * bacula-sd >> *

Re: [Bacula-users] TLS using certs with X509v3 extensions

On Mon, 11 Sept 2023 at 20:19, Dan Langille wrote: > > Yes, I think it's SSL erroring out, I agree with your theory. > > Which means: what Key Usage needs to be included for each of: > > * bacula-fd > * bacula-sd > * bacula-dir > > Thank you for sharing your details. Is this cert used with

Re: [Bacula-users] TLS using certs with X509v3 extensions

> On Sep 11, 2023, at 12:14 PM, Vanush Misha Paturyan wrote: > > Hello Dan, > > On Sat, 9 Sept 2023 at 12:39, Dan Langille > wrote: >> Hello, >> >> Is anyone using self-signed certificates using X509v3 extensions? >> >> To be clear: I am not trying to make use of

Re: [Bacula-users] TLS using certs with X509v3 extensions

Hello Dan, On Sat, 9 Sept 2023 at 12:39, Dan Langille wrote: > Hello, > > Is anyone using self-signed certificates using X509v3 extensions? > > To be clear: I am not trying to make use of X509v3 extensions for any > particular purpose - A recent upgrade to the tool I am using recently > started

[Bacula-users] TLS using certs with X509v3 extensions

Hello, Is anyone using self-signed certificates using X509v3 extensions? To be clear: I am not trying to make use of X509v3 extensions for any particular purpose - A recent upgrade to the tool I am using recently started X509v3 extensions I ask because so far I have been unable to get TLS

Re: [Bacula-users] "TLS Allowed CN" not working

Hello Alexey, To have the "TLS Allowed CN" working, you must have the "TSL Verify Peer = yes": "In the case this directive is configured on a server side, the allowed CN list will not be checked if *TLS Verify Peer* is set to *no* (*TLS Verify Peer* is *yes* by default)." The Address directive

[Bacula-users] "TLS Allowed CN" not working

Hi! I am updating the bacula version from 9.6 to 11.0. In version 11 changed TLS Encryption certificate verification: *Additionally, the client's X509 certificate Common Name must meet the value of the Address directive (new in 11 verison). If the TLS Allowed CN configuration directive is used,

Re: [Bacula-users] TLS Problem after create new certificates with error ...OpenSSL 1.1, enforce basicConstraints = CA:true in the certificate...

Am 23.01.23 um 13:31 schrieb Pierre Bernhardt: My self signed root ca and my certs has to been outdated. So I created a new ca key, self segned ca cert and new certs for bacula director and all clients. ... I only replaced the tls certs and installed a new ca cert. I double checked the

[Bacula-users] TLS Problem after create new certificates with error ...OpenSSL 1.1, enforce basicConstraints = CA:true in the certificate...

My self signed root ca and my certs has to been outdated. So I created a new ca key, self segned ca cert and new certs for bacula director and all clients. The issue is that the message appears so i cerated a new ca cert so the basicConstraints = CA:true also contains the ca cert So I

Re: [Bacula-users] TLS issues

Hello, sob., 1 sie 2020 o 03:07 Shawn Rappaport napisał(a): > Connecting to Director xbacdirector01-lv.internal.shutterfly.com:9101 > bconsole: tls.c:87-0 Error with certificate at depth: 0, issuer = > /C=US/ST=Arizona/L=Tempe/O=Shutterfly/OU=ops-syseng/CN= >

Re: [Bacula-users] TLS issues

g the data encryption after I got TLS working, which I think I have done. :-) Thanks again! --Shawn From: Dan Langille Sent: Monday, August 3, 2020 9:40 AM To: Shawn Rappaport ; Dimitri Maziuk via Bacula-users Subject: Re: [Bacula-users] TLS issues On Mon, A

Re: [Bacula-users] TLS issues

On Mon, Aug 3, 2020, at 12:30 PM, Shawn Rappaport wrote: > > Any idea why it would not be encrypted even though I am requiring TLS? TLS is just transit. Transport Layer Security. https://www.bacula.org/9.6.x-manuals/en/main/Bacula_TLS_Communications_E.html You want Data Encryption:

Re: [Bacula-users] TLS issues

________ From: Dan Langille Sent: Saturday, August 1, 2020 5:47 AM To: Dimitri Maziuk via Bacula-users Subject: Re: [Bacula-users] TLS issues On Fri, Jul 31, 2020, at 6:15 PM, Shawn Rappaport wrote: I'm running Bacula 9.06 (compiled from source with the --with-openssl option) on Cen

Re: [Bacula-users] TLS issues

On Fri, Jul 31, 2020, at 6:15 PM, Shawn Rappaport wrote: > I'm running Bacula 9.06 (compiled from source with the --with-openssl option) > on CentOS 7.5 and running into issues configuring TLS in our test > environment. I am following the instructions from these two pages: >

[Bacula-users] TLS issues

I'm running Bacula 9.06 (compiled from source with the --with-openssl option) on CentOS 7.5 and running into issues configuring TLS in our test environment. I am following the instructions from these two pages: https://www.labeightyfour.com/2019/06/20/configure-encrypted-connections-in-bacula/

Re: [Bacula-users] TLS Config Problem (FD did not advertise required TLS support.)

Hi Francisco, Sorry for my delay. Yes, sure you can! You should configure TLS Enable = yes and TLS Require = yes for the clients in the VPN network. All the others that will surely not use TLS, you can set TLS Enable = No. Best regards, Ana On Mon, May 30, 2016 at 10:58 AM, Francisco Javier

Re: [Bacula-users] TLS Config Problem (FD did not advertise required TLS support.)

Hi Ana, My question is: Can I have a mixed set of clients with TLS enabled and others with no TLS ? The clients into my LAN doesn't need the TLS support but all in the VPN network must use TLS. J. 2016-05-30 10:25 GMT+02:00 Ana Emília M. Arruda : > Hi

Re: [Bacula-users] TLS Config Problem (FD did not advertise required TLS support.)

Hi Javier, Yes, sure. If you configure TLS Require = No, if any of the daemons host do not speak TLS, they will communicate with no encryption (ssl=0). Regards, Ana On Sun, May 29, 2016 at 12:27 PM, Francisco Javier Funes Nieto < esen...@gmail.com> wrote: > Hi Ana, > > The problem now it's

Re: [Bacula-users] TLS Config Problem (FD did not advertise required TLS support.)

Hi Ana, The problem now it's solved. There was an incomplete configuration of the Storage Daemon and Director TLS subset. I have a cuestion around this, Can I have a mixed enviroment with TLS and Non-TLS clients in the same Bacula server? J. 2016-05-27 22:35 GMT+02:00 Ana Emília M. Arruda

Re: [Bacula-users] TLS Config Problem (FD did not advertise required TLS support.)

Hello Javier, Did you solve this? ssl=0 means that no TLS connection is being used. Since TLS Require = no for both director and storage daemon, it seems that they are unable to establish one and then are communicating with no encryption. You can always run tests to verify your certificates:

[Bacula-users] TLS Config Problem (FD did not advertise required TLS support.)

Hi all, The first time I'm trying to configure the TLS part of my (new) server under FreeBSD. (10.2/7.4 from ports) Communication sd <-> dir seems ok with debugging activated. I don't know if "ssl=0" means not using TLS. More info: betelgeuse.canonigos.es-dir: ua_status.c:183-0 item=1

Re: [Bacula-users] TLS required but not configured in Bacula.

hi Ana I did the steps you provided me however in the summary does not show me the active support TLS. is nomal? Configuration on Sat Jan 30 14:47:32 COT 2016: Host: x86_64-unknown-linux-gnu -- redhat Bacula version: Bacula 7.2.0 (14 August 2015) Source

Re: [Bacula-users] TLS required but not configured in Bacula.

>> >> >> >> *From:* Hector Javier Agudelo Corredor [mailto:hej...@gmail.com] >> *Sent:* Wednesday, February 3, 2016 9:56 AM >> *To:* Ana Emília M. Arruda <emiliaarr...@gmail.com> >> *Cc:* Bacula-users@lists.sourceforge.net; Foro Bac

Re: [Bacula-users] TLS required but not configured in Bacula.

Should be something like the following ... checking for libwrap... yes checking for OpenSSL... yes checking for EVP_PKEY_encrypt_old in -lcrypto... yes checking for library containing dlopen... (cached) -ldl checking for PostgreSQL support... yes checking for crypt... no checking for crypt in

Re: [Bacula-users] TLS required but not configured in Bacula.

ich...@highpoweredhelp.com> From: Hector Javier Agudelo Corredor [mailto:hej...@gmail.com] Sent: Wednesday, February 3, 2016 9:56 AM To: Ana Emília M. Arruda <emiliaarr...@gmail.com> Cc: Bacula-users@lists.sourceforge.net; Foro Bacula <bacula-users...@lists.sourceforge.net> Subject: Re: [Bacula-u

Re: [Bacula-users] TLS required but not configured in Bacula.

>>> >>> >>> >>> yum-builddep bacula? >>> >>> >>> >>> >>> >>> Michael Munger, dCAP, MCPS, MCNPS, MBSS >>> High Powered Help, Inc. >>> Microsoft Certified Professional >>> Microsoft Cer

Re: [Bacula-users] TLS required but not configured in Bacula.

sional > mich...@highpoweredhelp.com > > > > *From:* Hector Javier Agudelo Corredor [mailto:hej...@gmail.com] > *Sent:* Wednesday, February 3, 2016 9:56 AM > *To:* Ana Emília M. Arruda <emiliaarr...@gmail.com> > *Cc:* Bacula-users@lists.sourceforge.net; Foro Bacula &l

Re: [Bacula-users] TLS required but not configured in Bacula.

> again run ./configure --with-mysql --with-openssl but the summary leaves me > again: >TCP Wrappers support: no >TLS support: no On a Centos 6.7 system of mine, I believe I have to install the tcp_wrappers-devel package, plus add the option " --with-tcp-wrappers" to get that feature

[Bacula-users] TLS required but not configured in Bacula.

hi. bacula already had installed 7.2, 9.3.9 and MySQL 7.0 webacula. But when I was setting my certificates for TLS I went the following error; [root @ bacula74mysql bacula-7.2.0] # sudo bacula-dir -tc /etc/bacula/bacula-dir.conf 29-Jan 20:47 bacula-dir JobId 0: Fatal error: TLS required but not

Re: [Bacula-users] TLS required but not configured in Bacula.

Hello Hector, You can run ./configure --with-openssl (and all your previously options) for enabling SSL support (then make and make install). This will not modify or delete your conf files and catalog database. Best regards, Ana On Tue, Feb 2, 2016 at 10:19 PM, Hector Javier Agudelo Corredor <

[Bacula-users] TLS connection verification

I have successfully implemented TLS communication between director-storage-clients. Is there a way to verify that indeed all the traffic is encrypted? I tried openssl s_client -connect director:port and it claims that the connection is not encrypted. Also I cannot capture any encrypted

Re: [Bacula-users] TLS connection verification

On 2013-02-05 03:57, Nasos Nikologiannis wrote: I have successfully implemented TLS communication between director-storage-clients. Is there a way to verify that indeed all the traffic is encrypted? I'd guess a monitoring tool such as tcpcump I tried openssl s_client -connect director:port

Re: [Bacula-users] TLS Verify Peer - for client or for server?

On Jan 3, 2013, at 3:56 PM, Dan Langille d...@langille.org wrote: Comments? Ideas? Hmm. When I wrote the documentation (or, at least, the article that was turned into the documentation), I may have been thinking that client-server communications would -always- verify the peer's certificate,

[Bacula-users] TLS Verify Peer - for client or for server?

According to http://www.bacula.org/5.2.x-manuals/en/main/main/Bacula_TLS_Communications.html ### TLS Verify Peer = yes|no Verify peer certificate. Instructs server to request and verify the client's x509 certificate. Any client certificate signed by a known-CA will be accepted unless the TLS

[Bacula-users] TLS Causes SegFault on bacula-dir.

I've been trying to get TLS working in Bacula with out any luck. Every time I start Bacula the Director seg faults when trying to initialize TLS We are not using DNS. I'm not sure if that's a problem or not, but I thought I'd put it out there. We are just using a hosts file and the bacula

Re: [Bacula-users] TLS FD Errors

Hi, 2011/6/7 Craig Van Tassle cvantas...@purdue.edu I'm trying to get TLS working between my Bacula Director and the FD. I have it working locally between the Director and the SD, but when I try to connect to a remote FD it wont authenticate. In my FD logs I get openssl.c:85-0 jcr=0 Connect

[Bacula-users] TLS FD Errors

I'm trying to get TLS working between my Bacula Director and the FD. I have it working locally between the Director and the SD, but when I try to connect to a remote FD it wont authenticate. In my FD logs I get openssl.c:85-0 jcr=0 Connect failure: ERR=error:140890C7:SSL

Re: [Bacula-users] TLS and PKI, How to limit de encryption overhead ?

On Wed, Nov 17, 2010 at 11:52:20AM +0100, Hugo Letemplier wrote: Hi I am Implementing Bacula and I have to cypher the backed up data. Also I don't want that the console and client authentication to be done clearly over the network. I want to implement TLS but data are already cyphered via PKI

Re: [Bacula-users] TLS and PKI, How to limit de encryption overhead ?

I already use Data encryption because I want the content of my Tape to be encrypted. The aspect that's boring me in communication is that authentication / commands / console access is sent clearly over the network. I am not sure of what security level the File Daemon encryption only can provide. I

Re: [Bacula-users] TLS and PKI, How to limit de encryption overhead ?

On Nov 18, 2010, at 12:19 AM, Thomas Mueller wrote: On 18.11.2010 02:01, Dan Langille wrote: IMHO TLS is only used for the control-channel not for the data- channel. Really? I hope not. Can you prove this? ok maybe you're right. i've had in mind that it was not encrypted, but

[Bacula-users] TLS and PKI, How to limit de encryption overhead ?

Hi I am Implementing Bacula and I have to cypher the backed up data. Also I don't want that the console and client authentication to be done clearly over the network. I want to implement TLS but data are already cyphered via PKI so it will create a cpu consumption overhead. Can I configure bacula

Re: [Bacula-users] TLS and PKI, How to limit de encryption overhead ?

Am Wed, 17 Nov 2010 11:52:20 +0100 schrieb Hugo Letemplier: Hi I am Implementing Bacula and I have to cypher the backed up data. Also I don't want that the console and client authentication to be done clearly over the network. I want to implement TLS but data are already cyphered via PKI so

Re: [Bacula-users] TLS and PKI, How to limit de encryption overhead ?

On 11/17/2010 11:12 AM, Thomas Mueller wrote: Am Wed, 17 Nov 2010 11:52:20 +0100 schrieb Hugo Letemplier: Hi I am Implementing Bacula and I have to cypher the backed up data. Also I don't want that the console and client authentication to be done clearly over the network. I want to

Re: [Bacula-users] TLS and PKI, How to limit de encryption overhead ?

On 18.11.2010 02:01, Dan Langille wrote: IMHO TLS is only used for the control-channel not for the data- channel. Really? I hope not. Can you prove this? ok maybe you're right. i've had in mind that it was not encrypted, but written is that the volumes written by sd are not encrypted. not

Re: [Bacula-users] TLS and PKI, How to limit de encryption overhead ?

2010/11/18 Thomas Mueller tho...@chaschperli.ch On 18.11.2010 02:01, Dan Langille wrote: IMHO TLS is only used for the control-channel not for the data- channel. Really? I hope not. Can you prove this? ok maybe you're right. i've had in mind that it was not encrypted, but written

[Bacula-users] TLS and broken pipes?!?

I'm moving some servers across an untrusted network and am trying to enable TLS and also enable Accurate backups so I don't have to do fulls over the network. I have a specific client that I'm not able to get a backup to complete (over a week now at least 20 attempts), it always contacts the SD

Re: [Bacula-users] TLS problem

Hi there, Finally I could fix the issue. :) The problem was with the FQDN... My Bacula-components used IP address instead of FQDN... It worked until I did not useTLS, but needed FQDN to make TLS working. ;) cheers, Zsolt On Wed, Mar 24, 2010 at 6:55 PM, Zsolt Kozak koza...@gmail.com wrote: Hi

[Bacula-users] TLS problem

Hi there, I googled around quite lot and got no answer for my TLS-issue, so I'm trying this email list. First of all I have a tested Bacula-system with working director, storage, filedaemon, bat and bconsole. I tried to set TLS in each components but failed, so I thought I was trying it step by

Re: [Bacula-users] TLS problem

Zsolt Kozak wrote: Do you have any idea what's wrong? It's interesting that the TLS-connection is OK on the server side, only the bconsole has problems with it Are you able to post the relevant parts of bacula-dir.conf and bconsole.conf? Seeing which certs are specified where might help.

Re: [Bacula-users] TLS problem

Hi Hugh, Thanks for the fast reply. I forgot to post my config. Here they are: bacula-dir.conf: Director {# define myself Name = bacula-dir DIRport = 9101# where we listen for UA connections QueryFile = /etc/bacula/scripts/query.sql

Re: [Bacula-users] TLS problem

Zsolt Kozak wrote: Hi Hugh, Thanks for the fast reply. I forgot to post my config. Here they are: My *guess* would be that the TLS Certificate and TLS Key directives in both need to point to the same certificate, because they're on the same host. That's how I've got it set up on my machine,

Re: [Bacula-users] TLS problem

Hi, I've tried that scenario before and now, but it's not working. It should not be working because it's a server-client communication I guess, the bconsole client is communicating with the director server... Am I right? I noticed the same configuration in the article but here is another article

Re: [Bacula-users] TLS problem

Zsolt Kozak wrote: I've tried that scenario before and now, but it's not working. It should not be working because it's a server-client communication I guess, the bconsole client is communicating with the director server... Am I right? I believe that each side needs to present a cert with the

Re: [Bacula-users] TLS negotiation handshake errors (Solved)

Hello list, On ven., avr 10, 2009, baculal...@encambio.com wrote: On mer., avr 8, 2009, baculal...@encambio.com wrote: Director hostname back1.host.com: Solaris x86 11 (nv-b91) File daemon hostname back1.host.com: Solaris x86 11 (nv-b91) Errors seen on the director: 08-Apr 09:36

Re: [Bacula-users] TLS negotiation failed with FD

Siyoucef Arslan wrote: hi I have this problem when I want to connect a external client. but I can connect with and without TLS probelem with the local client. error:   Fatal Error: TLS negotiation failed with FD at xxx.xxx.xxx.xxx: 9102. 03-Aug 16:17 WN-ASI-01-dir JobID 0: Fatal Error:

[Bacula-users] TLS negotiation failed with FD

hi I have this problem when I want to connect a external client. but I can connect with and without TLS probelem with the local client. error:   Fatal Error: TLS negotiation failed with FD at xxx.xxx.xxx.xxx: 9102. 03-Aug 16:17 WN-ASI-01-dir JobID 0: Fatal Error: bnet.c: 307 host TLS

Re: [Bacula-users] TLS bacula resolved

thank you very much I followed what you tell me. the error was in the CN as you said. Now it works, I have to make test. arslan --- En date de : Jeu 30.7.09, Jet Wilda j...@mycolo.biz a écrit : De: Jet Wilda j...@mycolo.biz Objet: Re: [Bacula-users] TLS bacula probleme À: John Drescher

[Bacula-users] TLS bacula probleme

hello I want to use the TLS bacula any service (dir, fd, sf) start normally. bconsole but when I run, I have this error . look in my conf file attachment. Connexion au Director 127.0.0.1:9101 29-jui 15:36 bconsole JobId 0: Erreur fatale : bnet.c:307 TLS host certificate verification

Re: [Bacula-users] TLS bacula probleme

2009/7/30 Siyoucef Arslan siyoucef.ars...@yahoo.fr: hello I want to use the TLS bacula any service (dir, fd, sf) start normally. bconsole but when I run, I have this error . look in my conf file attachment. Connexion au Director 127.0.0.1:9101 29-jui 15:36 bconsole JobId 0: Erreur fatale 

Re: [Bacula-users] TLS bacula probleme

hello I add a new external client, but I always have the same problem; is that a person who has already successfully e TLS connect?arslan -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008

Re: [Bacula-users] TLS bacula probleme

Hi,     I have TLS communication working and I used this http://www.devco.net/pubwiki/Bacula/TLS/ to get it working.  It has been awhile so I don't exactly remember the pitfalls I ran into. ~Jet Siyoucef Arslan wrote: hello I add a new external client, but I always

Re: [Bacula-users] TLS bacula probleme

On Thu, Jul 30, 2009 at 11:03 AM, Siyoucef Arslansiyoucef.ars...@yahoo.fr wrote: hello I add a new external client, but I always have the same problem; is that a person who has already successfully e TLS connect? arslan The following appears to be the problem: 29-jui 15:36 bconsole JobId 0:

Re: [Bacula-users] TLS bacula probleme

Yes. The CN of the certificate needs to match what you put as the Address for the client configuration. i.e. Client { Name = server-fd Address = server.domain FDPort = 9102 Catalog = Catalog Password = Password AutoPrune = yes TLS Enable = yes TLS Require = yes TLS CA Certificate

Re: [Bacula-users] TLS negotiation handshake errors

Hello Ryan, On jeu., avr 09, 2009, Ryan NOVOSIELSKI wrote: baculal...@encambio.com wrote: On mer., avr 08, 2009, Dan LANGILLE wrote: baculal...@encambio.com wrote: Director hostname back1.host.com: Solaris x86 11 (nv-b91) File daemon hostname back1.host.com: Solaris x86 11 (nv-b91)

Re: [Bacula-users] TLS negotiation handshake errors

Hello Dan and Ryan, On mer., avr 08, 2009, Dan LANGILLE wrote: baculal...@encambio.com wrote: Bacula 2.4.4 and OpenSSL 0.9.8k on Solaris x86 11 (nv-b91), everything is hand compiled but nothing special. Director hostname back1.host.com: Solaris x86 11 (nv-b91) File daemon hostname

Re: [Bacula-users] TLS negotiation handshake errors

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 baculal...@encambio.com wrote: Hello Dan and Ryan, On mer., avr 08, 2009, Dan LANGILLE wrote: baculal...@encambio.com wrote: Bacula 2.4.4 and OpenSSL 0.9.8k on Solaris x86 11 (nv-b91), everything is hand compiled but nothing special.

[Bacula-users] TLS negotiation handshake errors

Hello List, Bacula 2.4.4 and OpenSSL 0.9.8k on Solaris x86 11 (nv-b91), everything is hand compiled but nothing special. Director hostname back1.host.com: Solaris x86 11 (nv-b91) File daemon hostname back1.host.com: Solaris x86 11 (nv-b91) Errors seen on the director: 08-Apr 09:36

Re: [Bacula-users] TLS negotiation handshake errors

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 baculal...@encambio.com wrote: Hello List, Bacula 2.4.4 and OpenSSL 0.9.8k on Solaris x86 11 (nv-b91), everything is hand compiled but nothing special. Director hostname back1.host.com: Solaris x86 11 (nv-b91) File daemon hostname

Re: [Bacula-users] TLS negotiation handshake errors

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dan Langille wrote: baculal...@encambio.com wrote: Hello List, Bacula 2.4.4 and OpenSSL 0.9.8k on Solaris x86 11 (nv-b91), everything is hand compiled but nothing special. Director hostname back1.host.com: Solaris x86 11 (nv-b91) File

[Bacula-users] TLS setup (was: Win32 client incremental backup fails: Permission denied / IS DIRECTORY ??)

Hi, 19.11.2008 18:25, Exim List wrote: Hello. I wrote a few weeks ago trying to get help on getting Bacula working on Windows using TLS encryption. Are you using that? I use that (in a demonstration environment). The only documentation I needed was the Bacula-project provided one, but I

Re: [Bacula-users] TLS setup

Arno Lehmann wrote: Hi, 19.11.2008 18:25, Exim List wrote: Hello. I wrote a few weeks ago trying to get help on getting Bacula working on Windows using TLS encryption. Are you using that? I use that (in a demonstration environment). The only documentation I needed was the

Re: [Bacula-users] TLS setup

Hi, 19.11.2008 22:24, Exim List wrote: Arno Lehmann wrote: Hi, 19.11.2008 18:25, Exim List wrote: Hello. I wrote a few weeks ago trying to get help on getting Bacula working on Windows using TLS encryption. Are you using that? I use that (in a demonstration environment). The only

Re: [Bacula-users] TLS setup

Exim List wrote: Arno Lehmann wrote: Hi, 19.11.2008 18:25, Exim List wrote: Hello. I wrote a few weeks ago trying to get help on getting Bacula working on Windows using TLS encryption. Are you using that? I use that (in a demonstration environment). The only documentation I needed was

Re: [Bacula-users] TLS expired certificates

Dan Langille wrote: For the archives, this is the type of email you will see from Bacula when your TLS certificate expires: From: [EMAIL PROTECTED] (Bacula) Subject: Bacula: *none* *none* of *none* *none* Sender: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Fri, 31 Oct 2008 10:00:05

[Bacula-users] TLS connections

Hi, I was just wondering, I have some fd clients on my local net and some fd clients that need to be accessed over the evil interweb. Is it possible that the connections to the internet server are TLS secured and the local clients connections not? -- alex

Re: [Bacula-users] TLS connections

alex wrote: Hi, I was just wondering, I have some fd clients on my local net and some fd clients that need to be accessed over the evil interweb. Is it possible that the connections to the internet server are TLS secured and the local clients connections not? Sure. Your director

Re: [Bacula-users] tls and pki on windows

Hello Dave, Please always copy the list -- thanks. On Sunday 27 May 2007 23:44, Dave wrote: Hi Kern, How much feedback have you got with both tls and pki on windows systems? Yes, some. To the best of my knowledge the comm encryption (tls) is working fine. However, there is an open bug

Re: [Bacula-users] TLS Require = yes, ignored

Arno Lehmann schrieb: I'm also not a guru - and even cmpletely inexperienced regarding Bacula TLS - but that would be a bug... It must be possible to tell the DIR to only accept console connections initiated by a client which can identify itself through TLS. Otherwise, the whole console

[Bacula-users] TLS Require=yes doesn't work

Hi, I'm having troubles configuring tls communications. I think I have done all the certification alright using http://www.devco.net/pubwiki/Bacula/TLSinstructions. I'm first trying to get bconsoe-dir connection to use tls. I have my configuration files as show below and seems to work fine, but

[Bacula-users] TLS Require = yes, ignored

Hi, I'm a Spanish computer science student and I'm working on my thesis which is basically deploying Bacula for my school. I'm kinda desperate because my due date is coming closer and closer and I'm stuck configuring TLS communications. I really wish you could help with this... I'm trying

Re: [Bacula-users] TLS Require = yes, ignored

Hello. I'm really not a guru (I actually am a newbie) but I think you must set TLS Enable = yes in you bconsole.conf (the documentation says TLS Require is ignored if TLS Enable is set to no) Le jeudi 10 mai 2007 à 15:46 +0200, alejandro lencina a écrit : Hi, I'm a Spanish computer science

Re: [Bacula-users] TLS Require = yes, ignored

Hi, On 5/10/2007 4:06 PM, massano jerome wrote: Hello. I'm really not a guru (I actually am a newbie) but I think you must set TLS Enable = yes in you bconsole.conf (the documentation says TLS Require is ignored if TLS Enable is set to no) I'm also not a guru - and even cmpletely

[Bacula-users] TLS configuration and BB

Hello, without TLS configuration for sd connection I have not registred problems. But after adding TLS configuration I get Message Volume data error at 0:1! Wanted block-id: BB02, got . Buffer discarded after labeling tapes. With btape I cannot see any problem. All looks fine. Backup and

Re: [Bacula-users] TLS

On 9 Jan 2007 at 3:42, orlakwahr wrote: Hello, I have configured bacula according to http://www.bacula.org/dev-manual/Bacula_TLS_Communication.html backups are fine, but restores are failing with: RestoreFiles.2007-01-09_03.09.10 Fatal error: Authorization problem: Remote server

[Bacula-users] tls with windows bacula-client

Hello .Is it possible to connect to bacula-dir,sd from windows bacula-fd with TLS? -- Pozdrawiam Leszek Miś Nothing is secure, paranoia is your friend. - Using Tomcat but need to do more? Need to support web services,

[Bacula-users] TLS support for tray-monitor

I just tried configuring tray-monitor to connect with bacula-dir and bacula-sd over TLS, but bacula-tray-monitor says me TLS Enable is not supported in these resources. I found Landon Fuller's mail Re: TLS Support (2005-04-22 11:08) from bacula-devel list saying that TLS support for

Re: [Bacula-users] TLS attempts crashes FD

Howdy -- Sorry for missing the TLS e-mails, I've been out in the Yosemite back country. Can you get a backtrace with symbols out of this crash? -landonf On Sep 5, 2006, at 5:21 PM, Dan Langille wrote: I'm trying to setup TLS with one client. I have two other clients working with TLS.

Re: [Bacula-users] TLS attempts crashes FD

On Wednesday 06 September 2006 02:21, Dan Langille wrote: I'm trying to setup TLS with one client. I have two other clients working with TLS. At this point, I'm just doing a 'status client' and bacula-fd dies. Two questions: 1 - Do we agree that bacula-fd shouldn't die? No, it has

Re: [Bacula-users] TLS attempts crashes FD

On 6 Sep 2006 at 9:55, Kern Sibbald wrote: On Wednesday 06 September 2006 02:21, Dan Langille wrote: I'm trying to setup TLS with one client. I have two other clients working with TLS. At this point, I'm just doing a 'status client' and bacula-fd dies. Two questions: 1 - Do we

[Bacula-users] TLS attempts crashes FD

I'm trying to setup TLS with one client. I have two other clients working with TLS. At this point, I'm just doing a 'status client' and bacula-fd dies. Two questions: 1 - Do we agree that bacula-fd shouldn't die? 2 - Why is my TLS negotiation failing? Both bacula-fd and bacula-dir are

Re: [Bacula-users] TLS attempts crashes FD

On Tue, Sep 05, 2006 at 08:21:25PM -0400, Dan Langille wrote: lists-fd: bsys.c:517 Could not open state file. sfd=-1 size=188: ERR=No such file or directory Are you sure that the TLS errors aren't a red herring? -- Frank Sweetser fs at wpi.edu | For every problem, there is a solution that

[Bacula-users] tls for windows machines

Hello, This may be slightly O.t. if so please respond privately. I've just got tls going with my unix clients. I'd like now to extend this to two windows xp machines, but they don't have anything for generating keys. If anyone has xp boxes doing tls i'd be interested in your procedure.

[Bacula-users] tls for some clients, but not for others

Hello, I've implemented tls connections with a bacula 1.38.11 server and Unix clients, all worked well. My problem is i've discovered winbacula v1.38.10 does not support tls, so i've pretty much just locked out four machines. The issue i believe is between the windows file daemon and the

Re: [Bacula-users] tls for windows machines

On 21 Jul 2006 at 7:53, Dave wrote: Hello, This may be slightly O.t. if so please respond privately. I've just got tls going with my unix clients. I'd like now to extend this to two windows xp machines, but they don't have anything for generating keys. If anyone has xp boxes doing tls

Re: [Bacula-users] tls for some clients, but not for others

On 22 Jul 2006 at 4:36, Dave wrote: I've implemented tls connections with a bacula 1.38.11 server and Unix clients, all worked well. My problem is i've discovered winbacula v1.38.10 does not support tls, so i've pretty much just locked out four machines. The issue i believe is between

Re: [Bacula-users] TLS not working with any certificate

Remind me again, what you're doing and the symptoms? I'm not convinced it's the Director. I am connecting through bconsole, issuing the command 'run' and selecting the only job I've scheduled. One line in the resulting message is as follows: 09-Mar 09:02 x-dir:

Re: [Bacula-users] TLS not working with any certificate

I really think I got it working now! When I am comparing with the instructions given here: http://www.bacula.org/rel-manual/Bacula_TLS.html The difference in my conf is: bacula-fd.conf; add # Global File daemon configuration specifications

  1   2   >