[Samba] start tls problem
Jeff Saxton
jsaxton at addamark.com
Mon Aug 30 18:48:10 GMT 2004
For openldap it is (usually) specified in
/usr/local/openldap/etc/openldap/ldap.conf
WATCH OUT: if you have the padl stuff installed there are ( usually ) 2
ldap.conf files, one for openldap and 1 for padl
These have very different syntaxes. You can use the following command
to see which file is being used by openldap:
# strace ldapsearch -x -D 'cn=manager,dc=example,dc=com' -b
'ou=people,dc=example.dc=com' -w secret | grep ldap.conf
I believe that the config file directive is:
TLS_CACERT /path/to/ca/cert.pem
Jeff Saxton
Sr. Support Engineer
Addamark Technologies, Inc.
http://www.addamark.com
mailto:support at addamark.com
CELL: +1 415-640-6392
-----Original Message-----
From: samba-bounces+jeff.saxton=addamark.com at lists.samba.org
[mailto:samba-bounces+jeff.saxton=addamark.com at lists.samba.org] On
Behalf Of moof48 at temple.edu
Sent: Monday, August 30, 2004 11:38 AM
To: samba at lists.samba.org
Subject: [Samba] start tls problem
I'm having trouble getting tls working. It used to work
until I changed the smb.conf file to to poing to a different
host. I think I have tracked it down to ldap servers ssl
cert issuer(CA).
I keep getting errors like "self signed certificate in
certificate chain" while using openssl commands or a
ldapsearch w/ tls and debug mode.
So my question is... Where can I put a copy of my CA's
cert. Everything workes fine with openssl command when I
throw it a file the ca certs in it. What does samba/ldap
use. Do I need to put it in the openssl stuff? Any help is
appreciated.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list