Damian
unread,Aug 1, 2019, 9:47:26 AM8/1/19Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to bareos...@googlegroups.com
Hi,
I try to understand how Bareos uses the PKI Keypair on a client. The
docs suggest to create an RSA private key and a X509 certificate. What
is the certificate for? If I understand the code in
core/src/lib/crypto_openssl.cc correctly, only the public key is used
to verify data. More precisely, I'd like to know if the following
scenario would work:
- Generate RSA private key K1, archive it.
- Create X509 certificate P1 using K1 as its private key.
- Set P1+K1 as PKI Keypair.
- Backup data via bareos.
- Create X509 certificate P2 using K1 as its private key.
- Set P2+K1 as PKI Keypair.
- Restore data via bareos.
Thank you