Vincent J wrote:
>
>
> Hi All,
>
> Need some help with the Data Encryption of a Windows client FD. I've been
> looking
> through the list of archive emails of bacula-users list for some references
> as well as
> suggestions. Issue: I'm using Win32 2.4.2 version, I've commented out the
> configurations
> that I use for tls, on all Dir,FD,SD and just inserted the configuration for
> Data
> Encryption according to the manual.
>
> # "Global" File daemon configuration specifications
> #
> FileDaemon { # this is me
> Name = smallsteps-fd
> FDport = 9102 # where we listen for the director
> WorkingDirectory = "C:\\Documents and Settings\\All Users\\Application
> Data\\Bacula\\Work"
> Pid Directory = "C:\\Documents and Settings\\All Users\\Application
> Data\\Bacula\\Work"
> Maximum Concurrent Jobs = 4
> #TLS Enable = yes
> #TLS Require = yes
> #TLS CA Certificate file = C:/bacula/certs/CA.crt
> #TLS Certificate = C:/bacula/etc/ssl/xxx/smallsteps-fd.crt
> #TLS Key = C:/bacula/etc/ssl/xxx/smallsteps-fd.key.pem
>
> PKI Signatures = yes
> PKI Encryption = yes
> PKI Keypair = "C:/smallsteps-fd.key.pem"
> #PKI Master Key = "C:/Bacula/master.crt"
>
> }
>
> But,when I try to start the bacula service it fails to start, any help would
> be
> appreciated. Here's the link that I saw this morning while searching for
> some answers:
>
> http://www.nabble.com/Bacula-Data-Encryption---High-Level-Design-tt622581.html#a622581
>
These are the commands I execute, on a linux machine, to generate the
client pem's for linux and windows clients.
openssl genrsa -out $FD.key 2048
openssl req -batch -new -key $FD.key -x509 -out $FD.cert
cat $FD.key $FD.cert > $FD.pem
Notice that the pem file contains both public and private keys. Here
are the commands I use to create the master key.
openssl genrsa -out master.key 2048
openssl req -batch -new -key master.key -x509 -out master.cert
The file on the client, master.cert, contains only the public key.
I haven't tried it but my understanding is you can start the bacula-fd
at a Windows command prompt and see what error messages it produces.
Remember to burn all your keys onto a cdrom and lock it in a safe somewhere.
Bill
------------------------------------------------------------------------------
Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM)
software. With Adobe AIR, Ajax developers can use existing skills and code to
build responsive, highly engaging applications that combine the power of local
resources and data with the reach of the web. Download the Adobe AIR SDK and
Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
