search

pingidentity / helm-charts

Apache License 2.0
22 stars 31 forks source link

PD ldaps:// url not working for SSL encryption #275

Closed KiranmaiKalla closed 1 year ago

KiranmaiKalla commented 1 year ago

PD ldaps:// url not working for SSL encryption, PD connectivity is failing on ldaps://example.com:1636 with SSL encryption, but it is working without SSL encryption.

Below is our values file, please let me know if we are missing something

`pingdirectory: cronjob: enabled: false spec: {}

jobspec: {}
image: bitnami/kubectl:latest
args: []

enabled: true name: pingdirectory image: repository:nexus.net name: vendor/docker/pingidentity/pingdirectory tag: "2301"

container: replicaCount: 2 resources: requests: cpu: 6 memory: 25Gi limits: cpu: 7 memory: 30Gi

terminationGracePeriodSeconds: 300

probes:
  readinessProbe:
    periodSeconds: 30
    failureThreshold: 4
  startupProbe:
    periodSeconds: 10
    failureThreshold: 180

workload: type: StatefulSet statefulSet: persistentvolume: volumes: out-dir: persistentVolumeClaim: storageClassName: ebs-sc resources: requests: storage: 8Gi secretVolumes: pingdirectory-license: items: license: /opt/staging/pd.profile/server-root/pre-setup/PingDirectory.lic pingdirectory-kspasswdfile: items: ksPasswdfile: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile pingdirectory-trust-store: items: trust-store.jks: /opt/staging/pd.profile/server-root/pre-setup/trust-store.jks pingdirectory-ssl-store: items: ssl-store.p12: /opt/staging/pd.profile/server-root/pre-setup/ssl-store.p12 envs: SERVER_PROFILE_URL: https://test.net/ping-devops.git SERVER_PROFILE_PATH: config/server_profiles/baseline/pingdirectory SERVER_PROFILE_BRANCH: main USER_BASE_DN: dc=test,dc=com BASE_CLASS: domain BASE_ATTRIBUTE: dc BASE_VALUE: test KEYSTORE_FILE: /opt/staging/pd.profile/server-root/pre-setup/ssl-store.p12 KEYSTORE_TYPE: PKCS12 KEYSTORE_PIN_FILE: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile TRUSTSTORE_FILE: /opt/staging/pd.profile/server-root/pre-setup/trust-store.jks TRUSTSTORE_TYPE: JKS TRUSTSTORE_PIN_FILE: /opt/staging/pd.profile/server-root/pre-setup/ksPasswdFile CERTIFICATE_NICKNAME: pingdirectory services: ldap: servicePort: 389 containerPort: 1389 dataService: true ldaps: servicePort: 636 containerPort: 1636 dataService: true clusterService: true https: servicePort: 443 containerPort: 1443 ingressPort: 443 dataService: true clusterServiceName: pingdirectory-cluster

ingress: enabled: true annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: ingressClassName: nginx hosts:

henryrecker-pingidentity commented 1 year ago

Your yaml formatting is broken, could you edit it so that the spacing is visible?

Could you provide more details on what you mean by not working? Is there a specific error you are seeing?