Hello
I am having a problem getting encryption working in Bacula 11.0.5. I have
looked at the problem until I am almost blind, but I don’t see a configuration
error. Could someone take a look and see if it is something obvious I am
missing? I apologize for the length of this post; hopefully I’ve included all
the required information.
Thanks,
Kelly
I get the following from the bacula director (in debug mode):
bacula-dir: message.c:861-805 Enter dispatch_msg type=3 msg=bacula-dir JobId
805: Fatal error: Authorization problem: SD "Storage daemon:storage.xxx.yyy"
did not advertise required TLS support.
Here’s an excerpt from my (redacted) bacula-dir.conf file:
Director {
Name = bacula-dir
DIRport = 9101
QueryFile = "/etc/bacula/scripts/query.sql"
WorkingDirectory = "/mnt/scratch/Working_Directory"
PidDirectory = "/var/run"
Maximum Concurrent Jobs = 20
Password = “password"
Messages = Daemon
DirAddress = bacula-dir.xxx.yyy
Plugin Directory = /opt/bacula/plugins
TLS Enable = yes
TLS Require = yes
TLS CA Certificate Dir = /etc/ssl/certs
TLS CA Certificate File = /etc/ssl/certs/bacula-dir_interm.pem
TLS Certificate = /etc/ssl/certs/bacula-dir_cert.cer
TLS Key = /etc/ssl/private/bacula-dir.key
}
Autochanger {
Name = LTO8-Autochanger
Address = storage.cse.eng.auburn.edu<http://storage.cse.eng.auburn.edu>
Password = “password"
Device = LTO8-Autochanger
Media Type = LTO-8
Maximum Concurrent Jobs = 20
}
Storage {
Name = Tape_Drive
Address = storage.cse.eng.auburn.edu<http://storage.cse.eng.auburn.edu>
FD Storage Address =
storage.cse.eng.auburn.edu<http://storage.cse.eng.auburn.edu>
Password = “password"
Device = Tape_Drive
Autochanger = LTO8-Autochanger
Media Type = LTO-8
Maximum Concurrent Jobs = 5
Allow Compression = yes
TLS Enable = yes
TLS Require = yes
TLS Authenticate = yes
TLS CA Certificate Dir = /etc/ssl/certs
TLS CA Certificate File = /etc/ssl/certs/bacula-dir_interm.pem
TLS Certificate = /etc/ssl/certs/bacula-dir_cert.cer
TLS Key = /etc/ssl/private/bacula-dir.key
}
Here’s an excerpt from my bacula-sd.conf file:
Storage { # definition of myself
Name = storage
WorkingDirectory = "/scratch/working"
Pid Directory = "/scratch/working"
Plugin Directory = "/opt/bacula/plugins"
Maximum Concurrent Jobs = 20
SDAddress = storage.xxx.yyy
CommCompression = yes
TLS Enable = yes
TLS Require = yes
TLS Authenticate = yes
TLS CA Certificate File = /etc/ssl/certs/storage_interm.cer
TLS Certificate = /etc/ssl/certs/storage_cert.cer
TLS Key = /etc/ssl/private/storage.pem
}
Director {
Name = bacula-dir
Password = “password"
TLS Enable = yes
TLS Require = yes
TLS Verify Peer = yes
TLS Authenticate = yes
TLS CA Certificate File = /etc/ssl/certs/storage_interm.cer
TLS Certificate = /etc/ssl/certs/storage_cert.cer
TLS Key = /etc/ssl/private/storage.pem
}
Autochanger {
Name = LTO8-Autochanger
Device = Tape_Drive
Changer Device = /dev/sg13
Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d"
}
Device {
Name = Tape_Drive
Archive Device = /dev/nst0
Device Type = Tape
Media Type = LTO-8
Autochanger = yes
Changer Device = /dev/sg13
Changer Command = "/opt/bacula/scripts/mtx-changer %c %o %S %a %d"
Control Device = /dev/sg12
Alert Command = "/opt/bacula/scripts/tapealert %l"
Autoselect = yes
Always Open = yes
Removable Media = yes
Random Access = no
Requires Mount = no
Maximum File Size = 100GB
Maximum Concurrent Jobs = 20
}
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
