[Box Backup] Certificate question

[Ben Summers]

On 27 Oct 2004, at 09:00, Justin H Haynes wrote:

> I hope to accurately outline my ignorance by giving enough 
> information.  I am having a problem getting my certificate signed.   I 
> don't know which piece I don't understand.
>
[snip]
>
> I get this:
> Unable to match 'BACKUP-0' against any domain validated against your 
> account.
>
[snip]
> Well, I have Justin@Haynes.net verified with cacert.org as well as 
> haynesj@mechanus.org.  So, I'm not sure what is going wrong.  I'm 
> assuming I need to leave in the banners when pasting that text.  Also, 
> I'm assuming cacert is picking up the certificate since it identifies 
> it at BACKUP-0.  I dont' understand what it is looking for.  Does it 
> expect an email on file to be in the form of username@hostname?  
> sigil.mechanus.org is behind NAT and only resolves to a private IP 
> address.  should I tell bbackupd-config the hostname is mechanus.org 
> since that does resolve via DNS and because I have 
> haynesj@mechanus.org and not haynesj@sigil.mechanus.org (see my 
> bbackupd-config command above where I used sigil.mechanus.org as the 
> hostname, which is accurate on that machine) ?


Box Backup uses it's own CA. (Unless you install the appropriate 
certificates from another CA, but if you do that you're on your own.)

The bbstored-certs script on the server allows you create the CA and 
sign server and client certificates. See

   http://www.fluffy.co.uk/boxbackup/accounts.html

for more details, ask for help here if you have problems. Follow the 
instructions on the web page and that bbstored-certs outputs carefully, 
and it will work.

Ben