[Box Backup] RSA_padding_check_PKCS1_type_1:block type is not 01
chris at qwirx.com
Sun Apr 7 12:37:55 BST 2013
I'm sorry you had problems installing the Debian Wheezy packages. I wish I
could help in getting them fixed up.
On Sat, 6 Apr 2013, Chris Walker wrote:
> Anyway, I got the server up and running, I'm now having problems getting
> clients functioning.
> 1) I did bbackupd-config /etc/boxbackup lazy 0 backup01.cableninja.net
> 2) I got the csr it spit out and took it to the backup server
> 3) used bbstored-certs /etc/boxbackup sign
> 4) I took the /etc/boxbackup/bbstored/roots/serverCA.pem and
> /etc/boxbackup/bbstored/clients/0-cert.pem to the server being backed up.
> 5) verified all paths were correct and attempted to start bbackupd.
> Initially I got no output until I started using -V -D (and specifying
> the config path).
> Any help would be greatly appreciated
> OpenVZ System on Centos 6.4 2.6.32-042stab075.2, Container Debian Wheezy
> - Kernel 3.2.0-4 - BoxBackup 0.11rc8+2837
> root at db01:/# bbackupd -V -D /etc/boxbackup/bbackupd.conf
> NOTICE: Starting daemon, version: 0.11rc8+2837
> INFO: Opening connection to server 'backup01.cableninja.net'...
> ERROR: SSL error while connecting: error:0407006A:rsa
> routines:RSA_padding_check_PKCS1_type_1:block type is not 01
> ERROR: SSL error while connecting: error:04067072:rsa
> routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed
> ERROR: SSL error while connecting: error:0D0C5006:asn1 encoding
> routines:ASN1_item_verify:EVP lib
> ERROR: SSL error while connecting: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I've never seen this error before, and I can't guess very accurately
what's causing it. It looks almost like a failure to speak the (same) SSL
protocol between the two sides. I was able to connect to your boxbackup
server over the Internet using openssl s_client and it did negotiate SSL
properly, so I think the server is working.
I'm not sure I understand your setup correctly. Are both server and
client OpenVZ containers running on Centos 6.4 hosts? Is the host 32-bit
Are the clients both Debian Wheezy? 32-bit or 64-bit? Did you get the Box
Backup packages from Debian in both cases?
Do you have any other Box Backup servers that you could try connecting
your client to, that are known to be working?
Could you try this on your client, and let me know what the output is:
openssl s_client -connect backup01.cableninja.net:2201
You could try the same command with -cert, -key and -CAfile pointing to
your bbackupd certificate, private key and trusted CAs PEM files, and it
should stay connected to the server (and not be disconnected due to not
providing a valid certificate to the server).
Unless something obvious comes up, I think I'm going to have to reproduce
_____ __ _
\ __/ / ,__(_)_ | Chris Wilson <chris+sig at qwirx.com> Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer |
\__/_/_/_//_/___/ | We are GNU : free your mind & your software |
More information about the Boxbackup