search

tykeal / ep_ldapauth

(Up for adoption) LDAP authentication plugin for Etherpad-lite
GNU General Public License v2.0
25 stars 20 forks source link

LDAP using a self signed #40

Open rgarrigue opened 5 years ago

rgarrigue commented 5 years ago

Hi

I'm trying to set up the LDAP auth against our server with a self-signed certificate. Which I guess explain this

[2018-12-07 08:16:55.889] [ERROR] console - Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (_tls_wrap.js:1122:34)
    at TLSSocket.emit (events.js:182:13)
    at TLSSocket.EventEmitter.emit (domain.js:441:20)
    at TLSSocket._finishInit (_tls_wrap.js:625:8)
RESTART!

I tried to add my certificate to the local CA ( CRT in /usr/local/share/ca-certificates/ldap01.crt + update-ca-certificates), didn't worked. I'll work on having a real certificate, but I wish I could allow self signed.

Best regards,

jolly-jump commented 3 years ago

Hi. Long time since you reported this. There is an (at the moment undocumented) option to add a server CA-certificate

"ldapauth": {
...
"tls_ca_file": "cacert.crt"

if you put your cacert.crt into the root-folder of etherpad-lite.

This worked for me.