SSL!

SELMA.TEKIR at NDSatcom.com SELMA.TEKIR at NDSatcom.com
Mon Jul 17 09:57:24 GMT 2000 

Hello!

I'm still trying to configure samba with SSL. The operating system is Suse
Linux 6.4, samba version 2.0.7. Without ssl, it works well. 

I installed SSLeay and got no error messages. After installing it, I
configured samba with ssl option and no error messages. When I tried to test
my configuration file with testparm, I have the following:

Load smb config files from /usr/local/samba/lib/smb.conf
Unknown parameter encountered: "ssl"
Ignoring unknown parameter "ssl"
Unknown parameter encountered: "ssl server cert"
Ignoring unknown parameter "ssl server cert"
Unknown parameter encountered: "ssl server key"
Ignoring unknown parameter "ssl server key"
Unknown parameter encountered: "ssl CA certDir"
Ignoring unknown parameter "ssl CA certDir"
Processing section "[home]"
Processing section "[tmp]"
Processing section "[public]"
Processing section "[cdrom]"
Loaded services file OK.
Press enter to see a dump of your service definitions                 

MY CONFIGURATION FILE:

# Samba config file created using SWAT
# from localhost (127.0.0.1)
# Date: 2000/07/04 11:04:02

# Global parameters
[global]
	encrypt passwords = Yes
	lock directory = /var/lock/samba
	smb passwd file=/private/smbpasswd
	ssl=yes

	
	ssl server cert=/etc/certificates/cacert.pem
	ssl server key=/etc/certificates/private/cakey.pem
	ssl CA certDir=/etc/certificates

[home]
	comment = Home Directories
	path = /home/selma
	valid users = selma
	writeable = Yes
	create mask = 0750
	browseable = No

[tmp]
	comment = Temporary file space
	path = /tmp
	writeable = Yes
	guest ok = Yes

[public]
	comment = Public Stuff
	path = /home/public
	valid users = selma
	writeable = Yes

[cdrom]
	path = /cdrom
	guest ok = Yes

I also downloaded openssl 0.9.5 and passed the same steps and came to the
same
point. I don't know whether it's important or not but I have read the
following in the SSLeay.txt and searched Samba Makefile for the string
SSL_ROOT, couldn't find anything about it. 


Compiling samba with SSLeay
===========================
1. Get and install SSLeay. The rest of this documentation assumes that you
   have installed it at the default location, which is /usr/local/ssl/.
   I have used SSLeay 0.9.0, but samba will probably also work with other
   versions (but not with versions older than 0.6).
2. Modify the Makefile. At the end of the configurable section you can find
   the SSL definitions. You can find them quickly by searching for SSL_ROOT.
   Unremark the definitions and modify SSL_ROOT if necessary.
3. Compile and install as usual.



Do you have any idea about this problem?

Thanks!


Selma Tekir

More information about the samba mailing list