[Samba] tls verify peer with custom self-signed certificate
Marco Gaiarin
gaio at sv.lnf.it
Tue Apr 17 16:42:51 UTC 2018
Mandi! lingpanda101 via samba
In chel di` si favelave...
> I have external applications such as Apache, NGINX or IIS I authenticate
> with against my DC's. If I enable 'ldap server require strong auth = yes'. I
> break authentication.
Ah, Oh. Consider that samba, as DC, autogenerate some self-signed certs
for their use, don't useautomagically some local CAs, so i think you
have to found a way to substitute the default certs with your local
CA-generated certs.
Seems can be substituted, see:
https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC
but i'm a bit scared of that. ;-)
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list