Open pini-gh opened 4 years ago
BTW, any reason for not writing this piece of configuration into /etc/ldap/ldap.conf? It took me hours to figure out there was a .ldaprc in the way.
Forget about this part. The reason is that TLS_KEY and TLS_CERT are user-only options. As such they are ignored when in ldap.conf.
Please try to set PHPLDAPADMIN_LDAP_CLIENT_TLS to true.
In /container/service/ldap-client there is a startup.sh script that has a line testing this value to generate a proper ldap.conf.
See here: startup.sh
My problem was that my CA certificate set by PHPLDAPADMIN_LDAP_CLIENT_TLS_CA_CRT_FILENAME was simply ignored...
Could that be your problem too?
Please try to set PHPLDAPADMIN_LDAP_CLIENT_TLS to true.
Thanks for following up on this issue.
I don't remember how I came up with it, but my workaround is the contrary actually. Here is what I have in my docker compose file:
# Workaround for https://github.com/osixia/docker-phpLDAPadmin/issues/74
PHPLDAPADMIN_LDAP_CLIENT_TLS: "false"
Hi, my understanding is that the generated configuration for TLS/SSL is broken. The ldap-client startup.sh script generates ~www-data/.ldaprc referencing a dummy key/cert pair preventing the connection via ldaps://. Manually removing ~www-data/.ldaprc fixes the problem.
BTW, any reason for not writing this piece of configuration into /etc/ldap/ldap.conf? It took me hours to figure out there was a .ldaprc in the way.
Docker compose file:
Thanks.
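
An added example, not from the issue thread or the osixia project: a POSIX shell check for the two failure modes discussed above, namely TLS_CERT/TLS_KEY placed in a system-wide ldap.conf (where they are ignored as user-only options) and a .ldaprc that points at files that are absent or empty. The names audit_ldap_tls and make_sample and the sample paths are assumptions; the check does not validate certificate contents.

```shell
#!/bin/sh
# Added example: audit an OpenLDAP client config file for TLS settings that
# cannot take effect. Usage: audit_ldap_tls FILE system|user
#   system = an /etc/ldap/ldap.conf style file, user = a .ldaprc style file.
# Prints one finding per line; returns 0 if clean, 1 on findings, 2 if unreadable.
audit_ldap_tls() {
    file=$1 kind=$2 findings=0
    [ -r "$file" ] || { echo "UNREADABLE $file"; return 2; }
    # "|| [ -n "$opt" ]" keeps a final line that lacks a trailing newline.
    while read -r opt val rest || [ -n "$opt" ]; do
        case $opt in ''|'#'*) continue ;; esac
        # Option names are matched case-insensitively.
        opt=$(printf '%s' "$opt" | tr '[:lower:]' '[:upper:]')
        case $opt in
            TLS_CERT|TLS_KEY)
                if [ "$kind" = system ]; then
                    # User-only options: libldap ignores them in ldap.conf.
                    echo "IGNORED $opt (user-only option) in $file"
                    findings=1
                    continue
                fi ;;
            TLS_CACERT) ;;
            *) continue ;;
        esac
        # The referenced file must exist and be non-empty.
        if [ ! -s "$val" ]; then
            echo "MISSING $opt -> $val in $file"
            findings=1
        fi
    done < "$file"
    return $findings
}

# Constructed sample (not taken from the issue): the same three TLS lines
# written to a system-style and a user-style file; client.key is absent.
make_sample() {
    d=$1
    echo "placeholder" > "$d/ca.crt"
    echo "placeholder" > "$d/client.crt"
    printf 'TLS_CACERT %s/ca.crt\nTLS_CERT %s/client.crt\nTLS_KEY %s/client.key\n' \
        "$d" "$d" "$d" > "$d/ldap.conf"
    cp "$d/ldap.conf" "$d/ldaprc"
}
```

Inside the container it would be pointed at /etc/ldap/ldap.conf with `system` and at ~www-data/.ldaprc with `user`.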