[Samba] Enable TLS with own Certificates on Member DC
Hans Schulze
h.schulze at labor-ostsachsen.de
Thu Sep 14 08:36:07 UTC 2023
Hello,
some short questions: For the pdc i have created new certificates and
enabled tls in smb.conf, like...
tls enabled = yes
tls certfile = /var/lib/samba/private/tls/dc1-cert.pem
tls keyfile = /var/lib/samba/private/tls/secure/dc1-privkey.pem
tls cafile = /var/lib/samba/private/tls/interca.pem
tls crlfile = /var/lib/samba/private/tls/interca.crl
tls dhparams file = /var/lib/samba/private/tls/dc1dhparams.pem
I proceeded according to the following tutorial:
https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login
How is the TLS configured on the member/secondary domain controllers?
For each dc his own dh parameters? Is the rest of the configuration
otherwise the same to the pdc?
I found no informations about it and had some trouble with
authentication first time i tried.
regards
More information about the samba
mailing list