[Samba] LDAPS on DC
Fred Smith
fs582087 at gmail.com
Mon Apr 20 00:17:35 MDT 2015
> Does the OpenSSL test connect, and if so with what result?
>
> openssl s_client -showcerts -connect DC.EXAMPLE.COM:636
That seems to work, output below.
openssl s_client -showcerts -connect dc:636
CONNECTED(00000003)
depth=0 O = Samba Administration, OU = Samba - temporary autogenerated
certificate, CN = DC.samdom.example.org
verify error:num=18:self signed certificate
verify return:1
depth=0 O = Samba Administration, OU = Samba - temporary autogenerated
certificate, CN = DC.samdom.example.org
verify return:1
---
Certificate chain
0 s:/O=Samba Administration/OU=Samba - temporary autogenerated
certificate/CN=DC.samdom.example.org
i:/O=Samba Administration/OU=Samba - temporary autogenerated
certificate/CN=DC.samdom.example.org
-----BEGIN CERTIFICATE-----
-removed-
-----END CERTIFICATE-----
---
Server certificate
subject=/O=Samba Administration/OU=Samba - temporary autogenerated
certificate/CN=DC.samdom.example.org
issuer=/O=Samba Administration/OU=Samba - temporary autogenerated
certificate/CN=DC.samdom.example.org
---
Acceptable client certificate CA names
/O=Samba Administration/OU=Samba - temporary autogenerated
certificate/CN=DC.samdom.example.org
/O=Samba Administration/OU=Samba - temporary autogenerated
certificate/CN=DC.samdom.example.org
---
SSL handshake has read 1662 bytes and written 547 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA256
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-SHA256
Session-ID: -removed-
Session-ID-ctx:
Master-Key: -removed-
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1429510401
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
^C
More information about the samba
mailing list