[Samba] Samba and slapd.conf's TLSVerifyClient
Doug Campbell
doug at bpta.net
Thu Apr 7 03:12:09 GMT 2005
I have Samba 3.0.13 and LDAP 2.2.24 installed. I have placed the following
directive in my slapd.conf file.
TLSVerifyClient demand
I have the PADL stuff configured and working fine.
ldapsearch with -ZZ works fine.
I even have the Idealx smbldap-tools working fine.
Samba won't work though unless I set
TLSVerifyClient try
According to the slapd.conf man page, "try" causes a client certificate to
be requested. If no client certificate is returned then the session
proceeds normally. If a client certificate is returned and it is bad the
session is terminated otherwise it should proceed normally.
This seems to mean that either
1. Samba doesn't provide a client certificate
or
2. Samba is providing a bad client certificate
Either way, my question is where do I specify the client certificate for
Samba to use? or put another way, does Samba even support this?
Thanks!
Doug
More information about the samba
mailing list