Closed KiranmaiKalla closed 1 year ago
PD ldaps:// url not working for SSL encryption, PD connectivity is failing on ldaps://example.com:1636 with SSL encryption, but it is working without SSL encryption.
Below is our values file, please let me know if we are missing something
`pingdirectory: cronjob: enabled: false spec: {}
jobspec: {} image: bitnami/kubectl:latest args: []
enabled: true name: pingdirectory image: repository:nexus.net name: vendor/docker/pingidentity/pingdirectory tag: "2301"
container: replicaCount: 2 resources: requests: cpu: 6 memory: 25Gi limits: cpu: 7 memory: 30Gi
terminationGracePeriodSeconds: 300 probes: readinessProbe: periodSeconds: 30 failureThreshold: 4 startupProbe: periodSeconds: 10 failureThreshold: 180
workload: type: StatefulSet statefulSet: persistentvolume: volumes: out-dir: persistentVolumeClaim: storageClassName: ebs-sc resources: requests: storage: 8Gi secretVolumes: pingdirectory-license: items: license: /opt/staging/pd.profile/server-root/pre-setup/PingDirectory.lic pingdirectory-kspasswdfile: items: ksPasswdfile: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile pingdirectory-trust-store: items: trust-store.jks: /opt/staging/pd.profile/server-root/pre-setup/trust-store.jks pingdirectory-ssl-store: items: ssl-store.p12: /opt/staging/pd.profile/server-root/pre-setup/ssl-store.p12 envs: SERVER_PROFILE_URL: https://test.net/ping-devops.git SERVER_PROFILE_PATH: config/server_profiles/baseline/pingdirectory SERVER_PROFILE_BRANCH: main USER_BASE_DN: dc=test,dc=com BASE_CLASS: domain BASE_ATTRIBUTE: dc BASE_VALUE: test KEYSTORE_FILE: /opt/staging/pd.profile/server-root/pre-setup/ssl-store.p12 KEYSTORE_TYPE: PKCS12 KEYSTORE_PIN_FILE: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile TRUSTSTORE_FILE: /opt/staging/pd.profile/server-root/pre-setup/trust-store.jks TRUSTSTORE_TYPE: JKS TRUSTSTORE_PIN_FILE: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile CERTIFICATE_NICKNAME: pingdirectory services: ldap: servicePort: 389 containerPort: 1389 dataService: true ldaps: servicePort: 636 containerPort: 1636 dataService: true clusterService: true https: servicePort: 443 containerPort: 1443 ingressPort: 443 dataService: true clusterServiceName: pingdirectory-cluster
ingress: enabled: true annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: ingressClassName: nginx hosts:
Your yaml formatting is broken, could you edit it so that the spacing is visible?
Could you provide more details on what you mean by not working? Is there a specific error you are seeing?
PD ldaps:// url not working for SSL encryption, PD connectivity is failing on ldaps://example.com:1636 with SSL encryption, but it is working without SSL encryption.
Below is our values file, please let me know if we are missing something
`pingdirectory: cronjob: enabled: false spec: {}
enabled: true name: pingdirectory image: repository:nexus.net name: vendor/docker/pingidentity/pingdirectory tag: "2301"
container: replicaCount: 2 resources: requests: cpu: 6 memory: 25Gi limits: cpu: 7 memory: 30Gi
workload: type: StatefulSet statefulSet: persistentvolume: volumes: out-dir: persistentVolumeClaim: storageClassName: ebs-sc resources: requests: storage: 8Gi secretVolumes: pingdirectory-license: items: license: /opt/staging/pd.profile/server-root/pre-setup/PingDirectory.lic pingdirectory-kspasswdfile: items: ksPasswdfile: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile pingdirectory-trust-store: items: trust-store.jks: /opt/staging/pd.profile/server-root/pre-setup/trust-store.jks pingdirectory-ssl-store: items: ssl-store.p12: /opt/staging/pd.profile/server-root/pre-setup/ssl-store.p12 envs: SERVER_PROFILE_URL: https://test.net/ping-devops.git SERVER_PROFILE_PATH: config/server_profiles/baseline/pingdirectory SERVER_PROFILE_BRANCH: main USER_BASE_DN: dc=test,dc=com BASE_CLASS: domain BASE_ATTRIBUTE: dc BASE_VALUE: test KEYSTORE_FILE: /opt/staging/pd.profile/server-root/pre-setup/ssl-store.p12 KEYSTORE_TYPE: PKCS12 KEYSTORE_PIN_FILE: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile TRUSTSTORE_FILE: /opt/staging/pd.profile/server-root/pre-setup/trust-store.jks TRUSTSTORE_TYPE: JKS TRUSTSTORE_PIN_FILE: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile CERTIFICATE_NICKNAME: pingdirectory services: ldap: servicePort: 389 containerPort: 1389 dataService: true ldaps: servicePort: 636 containerPort: 1636 dataService: true clusterService: true https: servicePort: 443 containerPort: 1443 ingressPort: 443 dataService: true clusterServiceName: pingdirectory-cluster
ingress: enabled: true annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: ingressClassName: nginx hosts: