cschiewek / devise_ldap_authenticatable

Devise Module for LDAP
MIT License
594 stars 359 forks

Allowing override of encryption while attempting to maintain original… #258

Closed thomasf1234 closed 3 years ago

thomasf1234 commented 5 years ago

Small update to cater for the encryption parameter used when initializing Net::LDAP.

The current implementation of this gem will set the encryption value to :simple_tls if the ssl flag is set to true in ldap.yml, which is not compatible according to the documentation:

https://www.rubydoc.info/github/ruby-ldap/ruby-net-ldap/Net%2FLDAP:initialize

:encryption => specifies the encryption to be used in communicating with the LDAP server. The value must be a Hash containing additional parameters, which consists of two keys:

    method: - :simple_tls or :start_tls
    tls_options: - Hash of options for that method

This PR updates the default value to accommodate TLS with certificate verification if ssl is set to true, but further allows override of the encryption parameter, opening up flexibility for specific requirements of TLS options.

This is particularly a pain point for me because my specific requirement is to NOT verify the server certificate.

With the changes introduced here I can specify within ldap.yml the following:

encryption:
    method: :simple_tls
    tls_options: 
      verify_mode: 0 # VERIFY_NONE
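
An added example, not part of the PR or the gem's code: a Ruby rendering of the resolution the description outlines, with an audit check that reports whether a given ldap.yml ends up verifying the server certificate. `resolve_encryption`, `verifies_server_cert?` and the sample YAML are constructed for illustration, and the `ssl: true` default shown (OpenSSL's `DEFAULT_PARAMS`) is an assumption about what the PR's default looks like.

```ruby
require 'yaml'
require 'openssl'

# Constructed ldap.yml fragments (sample input, not from a real deployment).
SSL_ONLY = <<~YAML
  host: ldap.example.test
  ssl: true
YAML

OVERRIDE = <<~YAML
  host: ldap.example.test
  ssl: true
  encryption:
      method: :simple_tls
      tls_options:
        verify_mode: 0 # VERIFY_NONE
YAML

# Hypothetical helper: build the :encryption Hash (method + tls_options) in the
# shape the Net::LDAP documentation quoted above asks for.
def resolve_encryption(yaml_text)
  cfg = YAML.safe_load(yaml_text, permitted_classes: [Symbol]) || {}
  if (enc = cfg['encryption'])
    # An explicit encryption block overrides whatever the ssl flag implies.
    opts = (enc['tls_options'] || {}).transform_keys(&:to_sym)
    { method: enc['method'].to_s.delete_prefix(':').to_sym, tls_options: opts }
  elsif cfg['ssl']
    # Assumed default: OpenSSL's default parameters, which include VERIFY_PEER.
    { method: :simple_tls, tls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS }
  end
end

# Audit check: true only when the resolved options request peer verification.
# A missing verify_mode is treated here as unverified (assumption).
def verifies_server_cert?(encryption)
  return false if encryption.nil? # no TLS configured at all
  mode = encryption[:tls_options][:verify_mode]
  !mode.nil? && (mode & OpenSSL::SSL::VERIFY_PEER) != 0
end

if __FILE__ == $PROGRAM_NAME
  { 'ssl: true only' => SSL_ONLY, 'override' => OVERRIDE }.each do |name, text|
    puts "#{name}: verifies server cert? #{verifies_server_cert?(resolve_encryption(text))}"
  end
end
```

Running a check like this over deployed ldap.yml files surfaces any environment where the override has switched certificate verification off.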