search for: mycrl

...e a smartcard which is revoked in the Certificate Revocation List (CRL) but I can still login. Seams like the CRL check is not performed. Any known bug around this? Server setup: - Samba 4.4 on Debian as AD DC - Created domain MYDOM - smb.conf (extract): tls enabled = yes tls crlfile = tls/mycrl.pem (default is to look under private/ folder) Client setup: - Windows 7 machine as client - Joined to the MYDOM domain - Login ok with both username/password and smartcards Smart card: - Principal name test123 at mydom.com (extended attribute) - Certificate with serial number 0x12ab CRL: - In f...

...ill login. Seams like the CRL check is not performed. > Any > > known bug around this? > > > > Server setup: > > - Samba 4.4 on Debian as AD DC > > - Created domain MYDOM > > - smb.conf (extract): > > tls enabled = yes > > tls crlfile = tls/mycrl.pem (default is to look under private/ > folder) > > > CRL: > > - In file system: > > ..../private/tls/mycrl.pem > > > mycrl.pem > > - Contains serial number 0x12ab > > The Heimdal code doing the SmartCard stuff doens't know about the > smb.conf,...

...rformed. > > Any > > > known bug around this? > > > > > > Server setup: > > > - Samba 4.4 on Debian as AD DC > > > - Created domain MYDOM > > > - smb.conf (extract): > > > tls enabled = yes > > > tls crlfile = tls/mycrl.pem (default is to look under private/ > > folder) > > > > > CRL: > > > - In file system: > > > ..../private/tls/mycrl.pem > > > > mycrl.pem > > > - Contains serial number 0x12ab > > > > The Heimdal code doing the SmartCard stu...

...t; known bug around this? > > > > > > > > Server setup: > > > > - Samba 4.4 on Debian as AD DC > > > > - Created domain MYDOM > > > > - smb.conf (extract): > > > > tls enabled = yes > > > > tls crlfile = tls/mycrl.pem (default is to look under private/ > > > folder) > > > > > > > CRL: > > > > - In file system: > > > > ..../private/tls/mycrl.pem > > > > > mycrl.pem > > > > - Contains serial number 0x12ab > > > > >...