Closed Angelin01 closed 3 years ago
I'm trying to set up a fresh install, however my LDAP connection requires TLS and it seems the service fails when trying to connect because of this:
Caused by: LDAPException(resultCode=13 (confidentiality required), diagnosticMessage='confidentiality required', ldapSDKVersion=4.0.10, revision=b2272901fd62ad978017ff1aeb049cafc1999b12)
Now, I am using osixia/openldap and have configured the client TLS to "allow": `LDAP_TLS_VERIFY_CLIENT: 'allow'`. All my other applications can connect successfully.
There's nothing special in my config:
```yaml
openldap:
  image: '${OPENLDAP_VERSION}'
  container_name: openldap
  hostname: '${LDAP_HOSTNAME}'
  command: ['--copy-service']
  restart: unless-stopped
  networks:
    ldap_in:
      aliases:
        - '${LDAP_HOSTNAME}.${COMMON_DOMAIN}'
  environment:
    LDAP_TLS: 'true'
    LDAP_TLS_CRT_FILENAME: 'fullchain.pem'
    LDAP_TLS_KEY_FILENAME: 'privkey.pem'
    LDAP_TLS_CA_CRT_FILENAME: 'fullchain.pem'
    LDAP_TLS_ENFORCE: 'true'
    LDAP_ORGANISATION: '**REDACTED**'
    LDAP_DOMAIN: '${COMMON_DOMAIN}'
    LDAP_BASE_DN: '${BASE_LDAP_DN}'
    LDAP_ADMIN_PASSWORD: '${LDAP_ADMIN_PWD}'
    LDAP_TLS_CIPHER_SUITE: 'NORMAL'
    LDAP_TLS_VERIFY_CLIENT: 'allow'
    LDAP_RFC2307BIS_SCHEMA: 'true'
  volumes:
    - ldap_db_volume:/var/lib/ldap
    - ldap_config_volume:/etc/ldap/slapd.d
    - '${CERT_DIR}:/container/service/slapd/assets/certs:ro'
  ports:
    - "389:389"

acc-manager:
  image: '${ACC_MANAGER_VERSION}'
  container_name: acc-manager
  hostname: '${ACC_MANAGER_HOSTNAME}'
  restart: unless-stopped
  networks:
    - ldap_in
    - nginx_in
  environment:
    LDAP_HOST: '${LDAP_HOSTNAME}.${COMMON_DOMAIN}'
    SLAPD_BIND_DN: 'cn=admin,${BASE_LDAP_DN}'
    SLAPD_BASE_DN: '${BASE_LDAP_DN}'
    SLAPD_PASSWORD: '${LDAP_ADMIN_PWD}'
    GSUITE_DOMAIN: '${COMMON_DOMAIN}'
    GSUITE_CLIENT_ID: '${GSUITE_ID}'
    GSUITE_CLIENT_SECRET: '${GSUITE_SECRET}'
  volumes:
    - identity-config:/opt/karaf/etc/identity
  ports:
    - '8181:8181'
    - '8101:8101'
  depends_on:
    - openldap
```
Is there any way to fix this?
Hi @Angelin01,
This is a legit note, but unfortunately this software does not support it. I'll look into it as soon as possible.
fixed in v0.5.0
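An added example (not part of the thread or of the project's code) that shows the exchange behind the error at the LDAP wire level: it builds the simple bind that a client without StartTLS sends and decodes a BindResponse carrying result code 13. The DN, password and response bytes are constructed for illustration; the tag values follow RFC 4511.

```python
# Added example: constructed bytes only, no network access.
RESULT_NAMES = {0: "success", 13: "confidentialityRequired", 49: "invalidCredentials"}

def tlv(tag, body):
    """BER-encode one element with a definite length (short or long form)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + body

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        size = length & 0x7F
        length = int.from_bytes(buf[pos:pos + size], "big")
        pos += size
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def simple_bind_request(msg_id, dn, password):
    """LDAPMessage carrying a version-3 simple BindRequest (msg_id 1..127)."""
    bind = tlv(0x02, b"\x03") + tlv(0x04, dn.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x60, bind))

def parse_bind_response(data):
    """Decode an LDAPMessage holding a BindResponse -> (code, name, diagnostic)."""
    tag, msg, _ = read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = read_tlv(msg, 0)            # messageID
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x61:
        raise ValueError("not a BindResponse")
    _, code, pos = read_tlv(op, 0)          # resultCode (ENUMERATED)
    _, _, pos = read_tlv(op, pos)           # matchedDN
    _, diag, _ = read_tlv(op, pos)          # diagnosticMessage
    code = int.from_bytes(code, "big")
    return code, RESULT_NAMES.get(code, "other"), diag.decode()

# Constructed sample: what a client without StartTLS sends, and the reply
# a TLS-enforcing server gives (same code and message as the log above).
REQUEST = simple_bind_request(1, "cn=admin,dc=example,dc=org", "s3cret")
RESPONSE = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x61,
    tlv(0x0A, b"\x0d") + tlv(0x04, b"") + tlv(0x04, b"confidentiality required")))

if __name__ == "__main__":
    print(parse_bind_response(RESPONSE))
    print("password visible in request:", b"s3cret" in REQUEST)
```

The request bytes already contain the bind DN and password in cleartext, so a client that binds before negotiating TLS has exposed them on the wire even though the server answers with code 13.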