AD with PKI authentication - issue on cert generation
Lionel Monchecourt
lionel.monchecourt at free.fr
Tue Mar 17 12:33:45 UTC 2020
Hi,
I'm trying to install an AD with PKI auth.I'm so referring to :
https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login
Let's put aside of course Samba config ..
I'm now trying to generate the root CA.
Using the template in the wiki ,
When I try to
openssl req -new req -new -x509 -days 3650 -sha256 -extensions v3_ca -keyout
private/cakey.pem -out cacert.pem -config /etc/ssl/openssl.cnf
I get the following error :
problem creating object msSmartcardLogin=1.3.6.1.4.1.311.20.2.2
140375913190464:error:08064066:object identifier routines:OBJ_create:oid
exists:../crypto/objects/obj_dat.c:698:
I already tried to replace
scardLogin=1.3.6.1.4.1.311.20.2.2
with
msSmartcardLogin=1.3.6.1.4.1.311.20.2.2
as I found in the thred but it doesn't solve my issue.
I can post in SSL forum but as it is Samba specific, I'm trying here first
as I guess I'm missing something basic ?
Please note that I do not intend to use smartcard, but ONLY certificate, if
it can help
Thanks !
Lionel
--
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200317/9657c920/attachment.html>
More information about the openssl-users
mailing list