[Samba] autogenerated self-signed certificate problem

Carlos Bordon cgermanb at gmail.com
Fri Jul 20 14:36:15 UTC 2018

Hi people,

i have a problem with trying ldaps

i use autogenerated self-signed certificate, i write in smb this:
tls enabled  = yes
tls keyfile  = tls/key.pem
tls certfile = tls/cert.pem

without cafile

when i try to verify with:

openssl verify /usr/local/samba/private/tls/myCert.pem
it said me unable to verify the first certificate
and if add -CApath works!

and finally when i try from another dc with
openssl s_client -showcerts -connect dc1.samdom.example.com:636
it said me unable to verify the fisrt certificate.

i need add cafile in smb?
what is worng?

More information about the samba mailing list