Gerald (Jerry) Carter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Martin Ritchie wrote: | | How do i get samba to accept a self signed certificate | from my ldap server?
You need the openldap client libs to accept the cert. See the howto at
http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html
I had the client libs set up to be the default i.e. tls_checkpeer was set to no. This worked fine for the nss_ldap client.
I changed this to yes and gave the tls_cacertfile the ca file and things still worked for nss_ldap.
However, I still get the same probelm with samba. Am I doing something wrong?
While I know this seems to have more of a LDAP focus I believe the problem is else where. nss_ldap and pam_ldap both work fine with the /etc/ldap.conf settings yet samba 3.0.2 still gives a certificate error:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Does someone have a ldap/samba setup using SSL rather than TLS with self-signed certs?
Cheers
-- Martin Ritchie
the Kelvin Institute 50, George Street Glasgow Scotland, UK G1 1QE
www.kelvininstitute.com +44 (0) 141 548 5719 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
