[Samba] file rights tls key files.
Björn JACKE
bjacke at SerNet.DE
Mon Apr 18 13:53:27 UTC 2016
On 2016-04-15 at 11:08 +0200 Reindl Harald sent off:
> >can you say, why you need 440 here? I can't think of a valid use case for that.
> >If another service should use a SSL certificate on that server, you would give
> >that service another certificate then and not reuse the AD server SSL cert
>
> wildcard certificates?
using the same private/public key pair on the DC and other servers might be
convenient but is a very bad idea from a security point of view. But if you
really want to do anything like that, knowingly that this is *bad*, you can
just copy the cert to some other place in the filesystem, where you also need
it.
Björn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20160418/4a73994f/signature.sig>
More information about the samba
mailing list