Creating new certificate with SAMBA 4 DNS

Does samba 4 support certbot encryption SSL/TLS encryption? If so, is there any additional configuration that I need for certbot and samba to work?

Note:
In this case I did create an "A" DNS record for nctcld01.ad.kellerautomation.com and the name does resolve.

My domain is:
ad.kellerautomation.com

I ran this command:
sudo certbot --apache -d nctcld01.ad.kellerautomation.com

It produced this output:
http-01 challenge for nxtcld01.ad.kellerautomation.com
Waiting for verification...
Challenge failed for domain nxtcld01.ad.kellerautomation.com
http-01 challenge for nxtcld01.ad.kellerautomation.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

My web server is (include version):
apache 2.4.41

The operating system my web server runs on is (include version):
Ubuntu 20.04

My hosting provider, if applicable, is:
My domain is not public. I have a private domain server running samba v4 that is running on my home network.

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.40.0

Any advice will be helpful. I really do not know how to resolve this issue.

Thanks for your help.

Welcome to the community @alexan3

Just as the message says ... you do not have a DNS A or AAAA record set up for that domain name. Also see:

3 Likes

I think I have already created the "A" record. Below is a snip of my DNS records.

Also, note that this domain is not public. The domain only lives on my development network.

Sorry, I misunderstood your request. A quick look online says you can use a self-signed cert with Samba. But, I do not know it well enough to advise further.

The most common Certbot use with Let's Encrypt is to issue certs for public domains. Other volunteers here are better able to advise about clever ways to set up a private LE server (Boulder) or to use a DNS challenge for a wildcard cert. These are advanced methods for special cases.

Are you just trying to protect traffic between devices on your own private network? Or, is public access involved? Can you describe your usage better so others can assist. Thanks

2 Likes

Are you just trying to protect traffic between devices on your own private network?
Answer: Yes.

Is public access involved?
Answer: No.

End Goal: I am a small business owner, and I'm trying to install Nextcloud on my development environment before deploying Nextcloud company wide. I wanted to test the collab feature on Nextcloud and, based on the Nextcloud installation guide, SSL/TLS encryption must be configured. Currently, the way Nextcloud would be accessed is through VPN into my private network.

Hope that helps.

Also, thanks for your quick responses.

2 Likes
