Anonymous
Not logged in
Log in
Request account
Search
Changes
From Pumping Station One
Namespaces
Page
Discussion
More
More
Languages
Page actions
Read
View source
History
← Older edit
Newer edit →
Systems/Services/Samba
(view source)
Revision as of 14:38, 29 November 2017
423 bytes added
,
14:38, 29 November 2017
no edit summary
Line 1:
Line 1:
−
== Creating SSL CA and certs ==
== Creating SSL CA and certs ==
Line 12:
Line 11:
openssl x509 -req -in dc01.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out dc01.crt -days 500
openssl x509 -req -in dc01.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out dc01.crt -days 500
</pre>
</pre>
+
+
+
== Installing keys ==
+
+
Copy them into place (bob):
+
+
* /var/lib/samba/private/tls/bob.key
+
* /var/lib/samba/private/tls/bob.crt
+
* /var/lib/samba/private/tls/rootCA.pem
+
+
Tell samba to use them:
+
+
<pre>
+
[global]
+
tls enabled = yes
+
tls keyfile = tls/bob.key
+
tls certfile = tls/bob.crt
+
tls cafile = tls/rootCA.pem
+
</pre>
+
+
== Tell Samba to stop expiring passwords ==
+
samba-tool domain passwordsettings set --max-pwd-age=0
Bjo
33
edits
Cookies help us deliver our services. By using our services, you agree to our use of cookies.
More information
OK
Navigation
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Wiki tools
Wiki tools
Special pages
Page tools
Page tools
Userpage tools
More
Printable version