Dear all (ad a) Now, it seems to work -- even though I am not sure that the communication is now indeed protected by TLS.
in bareos-dir.conf, I changed the storage section to Storage { Name = FileStorage1 Address = backup.fritz.box # N.B. Use a fully qualified name here SDPort = 9103 Password = "password" Device = FileStorage1 Media Type = File TLS Enable = yes TLS Require = yes TLS CA Certificate File = /etc/bareos/ssl/cacert.pem TLS Certificate = /etc/bareos/ssl/qtron.gloetzner.net.crt TLS Key = /etc/bareos/ssl/qtron.gloetzner.net.key } In bareos-sd.conf, I have changed the director section to: Director { Name = backup-dir Password = "<password>" TLS Certificate = /etc/bareos/ssl/qtron.fritz.box.crt TLS Key = /etc/bareos/ssl/qtron.fritz.box.key TLS CA Certificate File = /etc/bareos/ssl/cacert.pem TLS Allowed CN = backup.dns,net TLS Allowed CN = backup.fritz.box TLS Enable = yes TLS Require = yes TLS Verify Peer = yes } Is it possible to check if the communication runs indeed encrypted? I have seen posts of other with the same question, but the responses were somewhat unsatisfying: The suggestion was to issue a status command to the storage daemon... Thanks Tilman -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to bareos-users+unsubscr...@googlegroups.com. To post to this group, send email to bareos-users@googlegroups.com. For more options, visit https://groups.google.com/d/optout.