2070411 – [RHEL9] [RFE] Support Certificate Auto Enrollment in Samba

Bug 2070411 - [RHEL9] [RFE] Support Certificate Auto Enrollment in Samba

Summary: [RHEL9] [RFE] Support Certificate Auto Enrollment in Samba

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	samba
Sub Component:
Version:	9.0
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	Andreas Schneider
QA Contact:	Denis Karpelevich
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-03-31 06:28 UTC by Sunny Wu
Modified:	2023-08-15 07:12 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	Story
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-117434	None	None	None	2022-03-31 06:51:58 UTC
Red Hat Issue Tracker	SSSD-4763	None	None	None	2022-06-15 11:55:43 UTC
Red Hat Issue Tracker	SSSD-6368	None	None	None	2023-06-29 08:17:17 UTC

Description Sunny Wu 2022-03-31 06:28:09 UTC

The next stable release of Samba (4.16) introduces a new feature, Certificate auto enrolment: https://wiki.samba.org/index.php/Certificate_Auto_Enrollment

To achieve this functionality, Samba leverages a number of third party components, most of which are not available as RPM packages.

The components for which RPMs are not available are:
* SSCEP - https://github.com/certnanny/sscep
* Oddjob-gpupdate - https://github.com/openSUSE/oddjob-gpupdate
* cepces - https://github.com/openSUSE/cepces

I would like to request that Red Hat create RPMs for these components  and include them when Samba 4.16 is released to the official RHEL repositories.

Comment 9 Ding-Yi Chen 2022-06-17 00:16:34 UTC

I have file package review request:

Bug 2097925 - Review Request: cepces - Certificate Enrollment through CEP/CES

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2097925

Looking for reviewer.

Comment 10 Andreas Schneider 2022-06-24 12:36:30 UTC

Thank you very muck. I've picked it up for review. However we probably want to fix cepces first to use GSSAPI https://github.com/openSUSE/cepces/pull/18

Note You need to log in before you can comment on or make changes to this bug.