cschiewek / devise_ldap_authenticatable

Devise Module for LDAP
MIT License

Allow TLS CA File #187

Open cheynewallace opened 9 years ago

cheynewallace commented 9 years ago

First up, thanks for a great gem.

Second, I have a requirement to enable TLS LDAP authentication, although unless we can supply a trusted CA cert, it's not terribly secure as it will just accept any cert it's given.

I had a dig through the gem's code and I don't see any way to supply a trusted CA cert. It just defaults to simple TLS: https://github.com/cschiewek/devise_ldap_authenticatable/blob/master/lib/devise_ldap_authenticatable/ldap/connection.rb#L13

Checking the Ruby docs for the ruby-ldap lib shows that it's probably not that difficult to implement (see: http://www.rubydoc.info/github/ruby-ldap/ruby-net-ldap/Net/LDAP:encryption)

Is there any chance this may be included in the future?

RobertAndrewHall commented 7 years ago

I believe you can achieve this with:

```ruby
ldap_options[:encryption] = { method: ldap_config["ssl"], ca_file: '/path/to/cert' }
```
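A way to check the concern raised in this issue, as an added example that is not part of the thread or the gem's code: it contrasts a TLS context with no trust settings against one given a CA file, then shows which server certificates the CA file accepts. It assumes a net-ldap version that takes TLS settings under `:tls_options` and passes them to `OpenSSL::SSL::SSLContext#set_params`; the helper names, host name and certificates are constructed for the demo.

```ruby
require "openssl"
require "tempfile"

# Constructed throwaway certificates for the demo (not real CA material).
def make_cert(cn, key, issuer: nil, issuer_key: nil, ca: false)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = rand(1..2**31)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  if ca
    ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
    cert.add_extension(ef.create_extension("basicConstraints", "CA:TRUE", true))
  end
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
end

# Hypothetical helper: encryption hash in the shape Net::LDAP documents,
# with TLS settings nested under :tls_options.
def ldap_encryption(ca_path)
  { method: :simple_tls,
    tls_options: { ca_file: ca_path, verify_mode: OpenSSL::SSL::VERIFY_PEER } }
end

# Assumption: tls_options are handed to SSLContext#set_params; an empty
# hash leaves a bare context, whose verify_mode is nil (no verification).
def verifies_peer?(tls_options)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.set_params(tls_options) unless tls_options.empty?
  ctx.verify_mode == OpenSSL::SSL::VERIFY_PEER
end

# The trust decision ca_file enables: does cert chain to the CA in ca_path?
def chains_to_ca?(ca_path, cert)
  store = OpenSSL::X509::Store.new
  store.add_file(ca_path)
  store.verify(cert)
end

CA_KEY = OpenSSL::PKey::RSA.new(2048)
CA_CERT = make_cert("Demo LDAP CA", CA_KEY, ca: true)
LDAP_CERT = make_cert("ldap.example.test", OpenSSL::PKey::RSA.new(2048),
                      issuer: CA_CERT, issuer_key: CA_KEY)
ROGUE_CERT = make_cert("ldap.example.test", OpenSSL::PKey::RSA.new(2048))
CA_FILE = Tempfile.new(["demo-ca", ".pem"]).tap { |f| f.write(CA_CERT.to_pem); f.flush }
```

`ROGUE_CERT` carries the same subject name as the real server certificate, so only the chain check against the supplied CA tells them apart.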