bhoriuchi / passport-activedirectory

Active Directory strategy for passport.js

SSL Verify with custom CA certs #10

Closed sud0nick closed 4 years ago

sud0nick commented 4 years ago

I'm using passport-activedirectory inside a docker container and binding to a domain controller that has certs from an in-house CA. I keep getting UNABLE_TO_GET_LOCAL_ISSUER_CERTIFICATE when a user tries to log in. The CA chain exists on the docker host at /etc/pki/tls/certs/ca-bundle and I've also tried adding them directly to the container using a volume. Could you tell me where this module is looking for CA certs so I can place them in the proper directory?

bhoriuchi commented 4 years ago

This module uses the ActiveDirectory module which itself uses the ldapjs module. In the documentation there you should set the "tlsOptions". I have not tested this but it should potentially look like:

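```js
const fs = require('fs')
const passport = require('passport')
const ActiveDirectoryStrategy = require('passport-activedirectory')

passport.use(new ActiveDirectoryStrategy({
  ldap: {
    // ... normal ldap settings
    tlsOptions: {
      // trust the in-house CA that issued the domain controller's certificate
      ca: [fs.readFileSync('path-to-ca-cert.pem')]
    }
  }
}))
```

sud0nick commented 4 years ago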

Thanks for the quick response! I'll give that a shot tomorrow and let you know how it goes.

sud0nick commented 4 years ago

This worked perfectly! Thank you very much!