Sto cercando di far funzionare Bareos con la crittografia TLS utilizzando un certificato autofirmato.
Ho usato il nome del server per il certificato autofirmato CN. Il server NON ha un set di domini.
Ma sto ricevendo un errore ...
# bconsole
Connecting to Director Server-Name:9xxx
Authorization problem with Director at "Server-Name:9xxx"
Most likely the passwords do not agree.
If you are using TLS, there may have been a certificate validation error during the TLS handshake.
Please see http://doc.bareos.org/master/html/bareos-manual-main-reference.html#AuthorizationErrors for help.
Anche dal registro ...
05-Oct 10:23 bareos-dir JobId 0: Fatal error: Authorization problem: Remote server did not advertize required TLS support.
05-Oct 10:23 bareos-dir: ERROR in authenticate.c:283 Unable to authenticate console "*UserAgent*" at client:17.x.x.x5:9xxx.
Sono curioso di sapere se questo ha a che fare con il modo in cui TLS risolve il nome host per abbinarlo al certificato. Il CN / Name-of-the-server si trova in / etc / hosts, ma non è risolvibile tramite DNS.
cioè.
root@Server-Name ~ # hostname
Server-Name
root@Server-Name ~ # domainname
(none)
root@Server-Name ~ # ping Server-Name
PING Server-Name (17x.x.x.x5) 56(84) bytes of data.
64 bytes from Server-Name (17x.x.x.x5): icmp_seq=1 ttl=64 time=0.042 ms
64 bytes from Server-Name (17x.x.x.x5): icmp_seq=2 ttl=64 time=0.034 ms
64 bytes from Server-Name (17x.x.x.x5): icmp_seq=3 ttl=64 time=0.040 ms
^C
--- Server-Name ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.034/0.038/0.042/0.007 ms
root@Server-Name ~ # nslookup Server-Name
Server: 2x.x.x.x0
Address: 2x.x.x.x0#53
** server can't find Server-Name: NXDOMAIN