SSL certificates for Samba AD (NSDC host)

planet_jeroen · July 25, 2018, 3:06pm

My domain name is domain.com
Nethserver name is server.domain.com
AD server hostname is nsdc-server.domain.com
The certificate is valid for server.domain.com and nsdc-server.domain.com

Nethserver AD can use TLS, yes. This will use port 636.

thorsten · July 25, 2018, 4:39pm

Hi,

OK, is that correct?
I thougth, best practise is to use
My domain name is domain.com
Nethserver name is server.domain.com
AD server hostname is nsdc-server.**ad.**domain.com

THX
Thorsten

planet_jeroen · July 25, 2018, 7:17pm

I have seen the NethServer installation procedure propose the exact same, but I really have no use for the AD on a subdomain. It overcomplicates the setup for no known-to-me reason. If it is best practice, I have missed a few things.

(It could probably be useful in a huge domain where you are not the single AD server in the domain (forest), like a departmental server)

Zaman · January 12, 2020, 10:32am

Hello, @giacomo @mrmarkuz
hoping consider of the default certificate in the nethserver,I think give a user to choose his cert from web GUI be perfect
Best Regards

giacomo · January 13, 2020, 7:42am

I agree with you that would be cool, but still we didn’t find a simple solution which could work on all scenarios

uebmaster · February 27, 2020, 7:18pm

What’s up?

dnutan · February 27, 2020, 9:59pm

wrong directory (missing private directory)?

uebmaster · February 27, 2020, 11:26pm

then what is the correct path?

dnutan · February 27, 2020, 11:39pm

/etc/pki/tls/private/localhost.key