When trying to add the samba domain of a second NS8, i get the “invalid tls-certificate” error, even when i disabled verify tls. Dis someone experienced this too? Any ideas? Or is it a already known bug?
No, I can’t reproduce the issue. It’s working here, when TLS verify is disabled.
Please check the error notification or the logs for more details about the error:
You may also check the certificate using openssl:
openssl s_client -showcerts -connect <DC_IP>:3269 < /dev/null
2 Likes
Right the cert details are important to understand. Please check if the Samba’s self-signed certificate is expired.
1 Like
openssl s_client -showcerts -connect <DC_IP>:3269 < /dev/null
is giving me very strange output (i´m not very familiar with certificates), but those seem to be linked to different hostname…
with another nethserver vm i could join the domain/cluster without problems…
the webui is showing me, it requested certificates, but they don´t get applied.
Yes, it’s a self-signed cert created by traefik but it should work to allow joining to the domain.
OK, so the logs/error details of the NethServer that wasn’t able to join would be interesting.
To obtain lets encrypt certificates, port 443 (80 on older installations) needs to be reachable from public, see TLS certificates — NS8 documentation
1 Like