[Samba] Samba StartTLS
steve at steve-ss.com
Fri Nov 11 12:34:53 MST 2011
On 11/11/2011 08:23 PM, zoolook wrote:
> 2011/11/11 steve<steve at steve-ss.com>:
>> On 11/11/2011 08:31 AM, steve wrote:
>>> Lan with opensuse 11.4 Samba and LDAP server. Linux, win-xp and win7
>>> Nov 10 11:20:16 hh1 smbd: [2011/11/10 11:20:16.268556, 0]
>>> Nov 10 11:20:16 hh1 smbd: Failed to issue the StartTLS
>>> Connect error
>> TLS_REQCERT never
>> allows windows to connect to the samba domain with TLS.
>> Can anyone comment on the security of this workaround?
> Or you can copy your servers' CA to your clients, in this case your
> samba server and use "TLS_REQCERT hard"
> Your solution works, but some other machine can impersonate your ldap
> server and your smb server will never know the difference.
Thanks for the reply.
But then I'm back to the samba not being able to use tls errors as above
I made the workaround to get rid of the error. But I'll have a go. So,
On a win 7 client, where do I put the CA cert?
More information about the samba