ldap3.core.exceptions.LDAPSocketOpenError: ("('socket ssl wrapping error: [SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1007)',)",)

[vishal-denge]

Hi all, I am trying to integrate Jupyterhub with my LDAP server over LDAPS. the OS version I am using is RHEL8.8. with python3 pip package jupyterhub , sudospawner , jupyterhub-ldapauthenticator.

I am getting the below error if try to run Jupyter Hub with:

jupyterhub --ip 0.0.0.0 -f /opt/conda/etc/jupyterhub/jupyterhub_config.py

Traceback (most recent call last):
  File "/bin/configcli", line 33, in <module>
    sys.exit(load_entry_point('configcli==1.0', 'console_scripts', 'configcli')())
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/__main__.py", line 207, in main
    result = configcli.onecmd(instruction)
  File "/opt/conda/lib/python3.10/cmd.py", line 217, in onecmd
    return func(arg)
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/configcli.py", line 108, in <lambda>
    setattr(self, 'do_' + cmd, lambda x: self.command_do(cmd, x))
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/configcli.py", line 200, in command_do
    raise e
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/configcli.py", line 186, in command_do
    res = self.commands[cmd].run(line)
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/__init__.py", line 139, in run
    return subcmdObj.run(args)
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/namespace/connections.py", line 33, in run
    return self.command._get_value("connections", pargs)
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/namespace/__init__.py", line 125, in _get_value
    return  self._resolve_indirections(keyTokens, self.jsonData)
  File "/opt/conda/lib/python3.10/site-packages/configcli-1.0-py3.10.egg/configcli/namespace/__init__.py", line 218, in _resolve_indirections
    return data[remainingTokens[0]]
KeyError: 'verify_peer'
2023-09-28 06:17:29,098 DEBUG Jupyterhub Notebook Configuration Inside search bind
2023-09-28 06:17:29,701 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.lookup_dn : True
2023-09-28 06:17:29,702 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.server_address : ldaps://ldap-url-here
2023-09-28 06:17:29,702 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.server_port : 636
2023-09-28 06:17:29,702 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.use_ssl : True
2023-09-28 06:17:29,702 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.lookup_dn : True
2023-09-28 06:17:29,702 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.valid_username_regex : ^[A-Za-z0-9][\s.@A-Za-z0-9_-]*$
2023-09-28 06:17:29,702 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.user_attribute : sAMAccountName
2023-09-28 06:17:29,702 DEBUG Jupyterhub Notebook Configuration c.LDAPAuthenticator.bind_dn_template : <LazyConfigValue {}>
[I 2023-09-28 06:17:29.809 JupyterHub app:2859] Running JupyterHub version 4.0.2
[I 2023-09-28 06:17:29.809 JupyterHub app:2889] Using Authenticator: ldapauthenticator.ldapauthenticator.LDAPAuthenticator-1.3.1.dev
[I 2023-09-28 06:17:29.809 JupyterHub app:2889] Using Spawner: sudospawner.spawner.SudoSpawner
[I 2023-09-28 06:17:29.809 JupyterHub app:2889] Using Proxy: jupyterhub.proxy.ConfigurableHTTPProxy-4.0.2
[I 2023-09-28 06:17:29.816 JupyterHub app:1664] Loading cookie_secret from /home/notebook/cookie_secret
[I 2023-09-28 06:17:29.886 JupyterHub proxy:556] Generating new CONFIGPROXY_AUTH_TOKEN
[I 2023-09-28 06:17:29.896 JupyterHub app:1984] Not using allowed_users. Any authenticated user will be allowed.
[I 2023-09-28 06:17:29.920 JupyterHub app:2928] Initialized 0 spawners in 0.002 seconds
[I 2023-09-28 06:17:29.926 JupyterHub metrics:278] Found 0 active users in the last ActiveUserPeriods.twenty_four_hours
[I 2023-09-28 06:17:29.927 JupyterHub metrics:278] Found 0 active users in the last ActiveUserPeriods.seven_days
[I 2023-09-28 06:17:29.928 JupyterHub metrics:278] Found 0 active users in the last ActiveUserPeriods.thirty_days
[W 2023-09-28 06:17:29.929 JupyterHub proxy:746] Running JupyterHub without SSL.  I hope there is SSL termination happening somewhere else...
[I 2023-09-28 06:17:29.929 JupyterHub proxy:750] Starting proxy @ http://0.0.0.0:8000/
06:17:30.141 [ConfigProxy] info: Proxying http://0.0.0.0:8000 to (no default)
06:17:30.143 [ConfigProxy] info: Proxy API at http://127.0.0.1:8001/api/routes
06:17:30.332 [ConfigProxy] info: 200 GET /api/routes
[I 2023-09-28 06:17:30.332 JupyterHub app:3178] Hub API listening on http://0.0.0.0:8081/hub/
[I 2023-09-28 06:17:30.332 JupyterHub app:3180] Private Hub API connect url http://test6-jupyter-ldfvg-0:8081/hub/
06:17:30.334 [ConfigProxy] info: 200 GET /api/routes
[I 2023-09-28 06:17:30.334 JupyterHub proxy:477] Adding route for Hub: / => http://test6-jupyter-ldfvg-0:8081
06:17:30.336 [ConfigProxy] info: Adding route / -> http://test6-jupyter-ldfvg-0:8081
06:17:30.337 [ConfigProxy] info: Route added / -> http://test6-jupyter-ldfvg-0:8081
06:17:30.337 [ConfigProxy] info: 201 POST /api/routes/
[I 2023-09-28 06:17:30.337 JupyterHub app:3245] JupyterHub is now running at http://0.0.0.0:8000/
[E 2023-09-28 06:17:45.682 JupyterHub web:1871] Uncaught exception POST /hub/login?next=%2Fhub%2F (10.1.148.52)
    HTTPServerRequest(protocol='http', host='10.1.148.51:10038', method='POST', uri='/hub/login?next=%2Fhub%2F', version='HTTP/1.1', remote_ip='10.1.148.52')
    Traceback (most recent call last):
      File "/opt/conda/lib/python3.10/site-packages/tornado/web.py", line 1786, in _execute
        result = await result
      File "/opt/conda/lib/python3.10/site-packages/jupyterhub/handlers/login.py", line 162, in post
        user = await self.login_user(data)
      File "/opt/conda/lib/python3.10/site-packages/jupyterhub/handlers/base.py", line 828, in login_user
        authenticated = await self.authenticate(data)
      File "/opt/conda/lib/python3.10/site-packages/jupyterhub/auth.py", line 492, in get_authenticated_user
        authenticated = await maybe_future(self.authenticate(handler, data))
      File "/opt/conda/lib/python3.10/site-packages/ldapauthenticator/ldapauthenticator.py", line 373, in authenticate
        username, resolved_dn = self.resolve_username(username)
      File "/opt/conda/lib/python3.10/site-packages/ldapauthenticator/ldapauthenticator.py", line 236, in resolve_username
        conn = self.get_connection(
      File "/opt/conda/lib/python3.10/site-packages/ldapauthenticator/ldapauthenticator.py", line 326, in get_connection
        conn = ldap3.Connection(
      File "/opt/conda/lib/python3.10/site-packages/ldap3/core/connection.py", line 363, in __init__
        self._do_auto_bind()
      File "/opt/conda/lib/python3.10/site-packages/ldap3/core/connection.py", line 387, in _do_auto_bind
        self.open(read_server_info=False)
      File "/opt/conda/lib/python3.10/site-packages/ldap3/strategy/sync.py", line 57, in open
        BaseStrategy.open(self, reset_usage, read_server_info)
      File "/opt/conda/lib/python3.10/site-packages/ldap3/strategy/base.py", line 146, in open
        raise exception_history[0][0]
    ldap3.core.exceptions.LDAPSocketOpenError: ("('socket ssl wrapping error: [SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1007)',)",)

[E 2023-09-28 06:17:45.704 JupyterHub log:183] {

Can someone please help me here?

[welcome[bot]]

Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! :hugs:
If you haven't done so already, check out Jupyter's Code of Conduct. Also, please try to follow the issue template as it helps other other community members to contribute more effectively. You can meet the other Jovyans by joining our Discourse forum. There is also an intro thread there where you can stop by and say Hi! :wave:
Welcome to the Jupyter community! :tada:

[tutuca]

I'm having the same issue with an active directory server.

[MaryDBurke01]

I'm having the same issue

[consideRatio]

Closing in favor of https://github.com/jupyterhub/ldapauthenticator/issues/259