search for: caroot

Displaying 9 results from an estimated 9 matches for "caroot".

Did you mean: caroots
2014 Apr 22
2
Re: TLS and intermediate CA
Thanks for the response. My current chain is as follows: caroot -> child-ca1 -> server cert My cacert.pem file has both the caroot and the child-ca1 certs. I have recompiled libvirt on my machine with some extra debug statements and verified that both the caroot cert and the child-ca1 certs are being loaded. But when I try to connect the caroot and child...
2014 Apr 21
2
TLS and intermediate CA
I have been trying to get set of libvirtd system up and running. My PKI infrastructure involves a root CA and several intermediate CAs. I am trying to get the machines to trust each other across the different intermediate CAs. This is what I have so far: Libvirtd is starting and listening on tls port 16514 I have configured client/server certs/keys and it seems to be using all of these
2014 Apr 22
0
Re: TLS and intermediate CA
On Tue, Apr 22, 2014 at 08:24:43AM -0600, Nathaniel Cook wrote: > Thanks for the response. > > My current chain is as follows: > > caroot -> child-ca1 -> server cert > > My cacert.pem file has both the caroot and the child-ca1 certs. I have > recompiled libvirt on my machine with some extra debug statements and > verified that both the caroot cert and the child-ca1 certs are being > loaded. But when I try to con...
2009 Nov 02
2
X.509 certificate based IMAP login
...f } The file dovecot-ldap.conf is correct and LDAP authentication is working well. We would like to make it possible for users with a X.509 client certificate to log in without providing LDAP or any other credentials. Is there something like: passdb x509 { args = /pfx/etc/dovecot/dovecot-caroots.pem nopwd = yes } ...avaibable, or is there another solution? Thanks, Brian
2014 Apr 22
0
Re: TLS and intermediate CA
...ertificate CA names" look > right. The problem is that the certificate chain is just the single server > cert and does not include the intermediate cert or root cert. As a result > clients from other intermediate CAs fail to verify the libvirtd process. If you have a chain of CAs caroot -> child-ca1 -> child-ca2 -> server cert Then the cacert.pem file you create on the clients / server must include the certs for caroot, child-ca1 and child-ca2 all in one file. You can basically just concatenate the .pem files for all the CAs into one file and gnutls will load all the CA...
2018 Nov 29
4
Setup a Samba AD DC as an additional DC
...e the DNS to bind9_DLZ. But now we know where to look, Rowland may be able to say things about the internal DNS. Everything below here is atm, not really relevant, above needs to be fixed first. Few other questions, are you running a Cert server on the MS server, if so, make sure you export the CARoot cert and add it on you samba servers and create the samba client certificates. After thats done, and the dns is checked again then we can look at: > '(&(flatname=DARAM)(objectclass=primaryDomain))' base: > 'cn=Primary Domains': No such object: dsdb_search at > ../...
2016 Aug 03
3
Samba 4.2.14 Group Policy (GPO) sync error
Hello, I think I really need some help on this. Since Samba 4.2.11 upgrade my Windows 10 clients are unable to synchronize group policies. I have asked about this already here <https://lists.samba.org/archive/samba/2016-April/199226.html>. Now I re-investigate the issue with Windows 10 1607 update and still face the same issue which prevents me from rolling out this configuration in
2016 Aug 03
5
Samba 4.2.14 Group Policy (GPO) sync error
...a_AD_DC ( missing on that site : add TLS_REQCERT allow  to ldap.conf )     Or a simple setup with own cert. https://www.spinics.net/lists/samba/msg134098.html Its debian minded but translate it to your os, most is same.   Or make them manually https://www.google.nl/search?q=setup+own+caroot#q=openssl+create+self+signed+certificate pik one.     Now, for the other problem, after above is done/checked.   You can clear you GPO history on the pc. Its recreated when you reboot/login again, so now worries..   @echo off DEL /S /F /Q “%ALLUSERSPROFILE%\Application Data\Microsoft\...
2018 Nov 27
10
Setup a Samba AD DC as an additional DC
Hai, I had a quick look. Barry, can you get this script and run it. https://raw.githubusercontent.com/thctlo/samba4/master/samba-collect-debug-info.sh Then post the results to the list. It collects all info i need to have a better look. I have a few ideas, this might be a resolving order problem, i've based on the errors below. Can you also post the output of bind from the point its