Closed AndreaGiardini closed 6 years ago
See #25 for an implementation.
I fixed this on my fork - https://github.com/nginxinc/nginx-ldap-auth/pull/38/commits/5d6e8e4f9312f0922b76f1f23deec0376c68c3fd
Perhaps I should split it out into two commits, so people can cherry-pick just the verifyCA bit?
It is trivial to set manually for testing purposes, and is not needed when used in production.
By default the
ldap
library does not accept self-signed certificatesTo let the library accept and verify even self-signed certificate you need to set the following option:
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_ALLOW)
Maybe worth creating an option?