Foreman and Samba4 AD

For those that are on a Samba4 AD and thus don't have Active Directory
Certificate Services and want to use LDAPS in foreman-1.7.4, this is how
to add the CA to theforeman:

  • copy /var/lib/samba4/private/tls/cert.pem from your Samba4 server to
    (path depends on where you have samba4 installed but the
    ./private/tls/cert.pem is always there)
  • cd /etc/pki/tls/certs
  • ln -s samba4.pem /etc/pki/tls/certs/$(openssl x509 -noout -hash -in

Change 'samba4.pem' everywhere to what your naming convention is.