Displaying 2 results from an estimated 2 matches for "comodo_aaa_services_root".
2020 Aug 10
0
[Solved] Problem with intermediate certificate (tls cafile)
...single file which is then your "tls certfile" then point "tls
> cafile" to your issuers proper CA or just to your distro's CA bundle,
> e.g /etc/pki/tls/certs/ca-bundle.crt.
You're right, on Samba, it works that way
# smb.conf extract
tls cafile = /etc/ssl/certs/Comodo_AAA_Services_root.pem
tls certfile = /etc/ssl/certs/ad-rep2.example.com-certonly+intermediate.pem
tls keyfile = /etc/ssl/private/ad-rep2.example.com.key
openssl s_client -showcerts -connect ad-rep2.example.com:636
....
SSL handshake has read 6020 bytes and written 428 bytes
Verification: OK
---
New, TLSv1.3, Ciph...
2020 Aug 06
4
Problem with intermediate certificate (tls cafile)
If I were guessing, based on some experience with certificate usage in
other apps, concatenate your certificate and intermediate certificates
into a single file which is then your "tls certfile" then point "tls
cafile" to your issuers proper CA or just to your distro's CA bundle,
e.g /etc/pki/tls/certs/ca-bundle.crt.
Nick
On 06/08/2020 16:36, MAS Jean-Louis via samba