Bug 2070411 - [RHEL9] [RFE] Support Certificate Auto Enrollment in Samba
Summary: [RHEL9] [RFE] Support Certificate Auto Enrollment in Samba
Keywords:
Status: NEW
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: samba
Version: 9.0
Hardware: All
OS: Linux
unspecified
low
Target Milestone: rc
: ---
Assignee: Andreas Schneider
QA Contact: Denis Karpelevich
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-03-31 06:28 UTC by Sunny Wu
Modified: 2023-08-15 07:12 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: Story
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-117434 0 None None None 2022-03-31 06:51:58 UTC
Red Hat Issue Tracker SSSD-4763 0 None None None 2022-06-15 11:55:43 UTC
Red Hat Issue Tracker SSSD-6368 0 None None None 2023-06-29 08:17:17 UTC

Description Sunny Wu 2022-03-31 06:28:09 UTC
The next stable release of Samba (4.16) introduces a new feature, Certificate auto enrolment: https://wiki.samba.org/index.php/Certificate_Auto_Enrollment

To achieve this functionality, Samba leverages a number of third party components, most of which are not available as RPM packages.

The components for which RPMs are not available are:
* SSCEP - https://github.com/certnanny/sscep
* Oddjob-gpupdate - https://github.com/openSUSE/oddjob-gpupdate
* cepces - https://github.com/openSUSE/cepces

I would like to request that Red Hat create RPMs for these components  and include them when Samba 4.16 is released to the official RHEL repositories.

Comment 9 Ding-Yi Chen 2022-06-17 00:16:34 UTC
I have file package review request:

Bug 2097925 - Review Request: cepces - Certificate Enrollment through CEP/CES

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2097925

Looking for reviewer.

Comment 10 Andreas Schneider 2022-06-24 12:36:30 UTC
Thank you very muck. I've picked it up for review. However we probably want to fix cepces first to use GSSAPI https://github.com/openSUSE/cepces/pull/18


Note You need to log in before you can comment on or make changes to this bug.