Bug 7967 - TLS keys and certificates dont match.
TLS keys and certificates dont match.
Status: RESOLVED INVALID
Product: Samba 4.0
Classification: Unclassified
Component: Other
unspecified
x64 Linux
: P3 critical
: ---
Assigned To: Andrew Bartlett
samba4-qa@samba.org
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-02-21 11:00 UTC by Jacob Oliver
Modified: 2011-02-22 05:16 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jacob Oliver 2011-02-21 11:00:12 UTC
Hi, im running Samba4.0.0-alpha15-GIT on ubuntu 10 and im experiencing problems with certificates and keys generated by GNUTLS. I managed to install with the new installation format, heres the commands im using(im not totally sure if its part of ./configure.developer):

root@SERVER:/Samba/samba4# ./configure.developer --enable-gnutls --enable-uid-wrapper --enable-nss-wrapper --enable-socket-wrapper --enable-build-farm --abi-check --abi-update --enable-talloc-compat1 --symbol-check --enable-selftest --download

root@SERVER:/Samba/samba4# make

root@SERVER:/Samba/samba# make install

root@SERVER:/Samba/samba4# source4/setup/provision --realm=mestizaje.org --domain=MESTIZAJE --adminpass=XjC2Ff-Nsv --use-xattrs=yes --function-level=2008_R2 --host-ip=192.168.1.50 --host-name=Amorak --server-role='domain controller'

And heres the log:
[Mon Feb 21 16:41:44 2011 GMT, 0 ../source4/smbd/server.c:368:binary_smbd_main()]
samba version 4.0.0alpha15-GIT-2ba57fd started.
Copyright Andrew Tridgell and the Samba Team 1992-2011
[Mon Feb 21 16:41:44 2011 GMT, 0 ../source4/smbd/server.c:470:binary_smbd_main()]
samba: using 'standard' process model
[Mon Feb 21 16:41:44 2011 GMT, 0 ../source4/lib/tls/tls_tstream.c:1147:tstream_tls_params_server()]
TLS failed to initialise certfile /usr/local/samba/private/tls/cert.pem and keyfile /usr/local/samba/private/tls/key.pem - The certificate and the given key do not match.
[Mon Feb 21 16:41:44 2011 GMT, 0 ../source4/ldap_server/ldap_server.c:942:ldapsrv_task_init()]
ldapsrv failed tstream_tls_patams_server - NT_STATUS_CANT_ACCESS_DOMAIN_INFO
[Mon Feb 21 16:41:44 2011 GMT, 0 ../source4/smbd/service_task.c:35:task_server_terminate()]
task_server_terminate: [Failed to startup ldap server task]
[Mon Feb 21 16:41:44 2011 GMT, 0 ../source4/lib/tls/tls.c:419:tls_initialise()]
TLS failed to initialise certfile /usr/local/samba/private/tls/cert.pem and keyfile /usr/local/samba/private/tls/key.pem
[Mon Feb 21 16:41:44 2011 GMT, 0 ../source4/lib/tls/tls.c:453:tls_initialise()]
GNUTLS failed to initialise - The certificate and the given key do not match.
Comment 1 Jacob Oliver 2011-02-22 05:05:46 UTC
Okay, this has been resolved, im not sure what went wrong (possibly talloc?) and im not sure if its just a broken ubuntu system or if samba-tool from the git repository and a lot of other tools (testparm,wbinfo, etc.), but im encountering this with samba3, so i guess it could just be that.
Comment 2 Matthias Dieter Wallnöfer 2011-02-22 05:16:25 UTC
Okay, thanks - then I will mark this as INVALID (not a real bug).