So, I have struggled through some issues with my TrueNAS scale setup (Dragonfish-24.04.2) getting Active Directory going in a stable manner. I seem to have worked them all out with a lot of Googling. I ended up having to pre-create the machine in Active Directory, as well as properly create the Kerberos keytab, load it first, and then join the domain. At last, everything seems to be working until… I hit an issue where I have loaded my certificate onto my machine that I had signed by my CA, and I’m not able to use it. In my middlewared.log, I see:
middlewared.plugins.crypto_.load_utils.load_certificate():60 - Failed to parse signature algorithm rsassaPss for …
My CA does use RSASSA-PSS for the signature algorithm. Any pointers for me to tell if this is a general ssl library issue I am hitting, or it this a particular package. I already know which docker packages I have set to use that certificate on their TLS ports (I set filebrowser and unifi-controller to use it so far). I know it’s a “no-no” to update packages outside of the UI, so… even if I figured out it was just a version of a package that hadn’t been approved yet, would I be stuck without updating it? I unfortunately don’t have the option of changing the signing used on the certs.