[Samba] TLS ca/cert/key creation

Rowland Penny rpenny at samba.org
Thu Jan 3 16:23:43 UTC 2019


On Thu, 3 Jan 2019 08:10:30 -0800
Gregory Sloop via samba <samba at lists.samba.org> wrote:

> Really Rowland? 

Yes, really!

> 
> As quoted:
> >> I believe I need to examine TLS since when I set "ldap server
> >> require strong auth = allow_sasl_over_tls" or "ldap server require
> >> strong auth = yes" user and group queries fail.
> 
> This is OBVIOUSLY using LDAP and TLS.

I am not arguing that.

> If this was via NTLM/Kerberos, the above setting wouldn't make the
> slightest difference.

It doesn't.

> 
> But all that aside - the key question is: [Again, let's quit arguing
> if this is TLS/LDAP or Kerberos.]
> 
> *** How do I get visibility into the TLS negotiation so I can figure
> out what's wrong with my ca/certs/keys?
> 
> -Greg

I will send you some notes I made when testing LDAP searches via
SSL/TLS, perhaps these will help.

Rowland


