vesse / node-ldapauth-fork

Simple node.js module to authenticate against an LDAP server

Hostname/IP doesn't match certificate's altnames: "Cert is empty", when subject is empty #47

Closed evilfer closed 7 years ago

evilfer commented 7 years ago

Hi, we have a node app using node-ldapauth-fork (through passport-ldapauth) for authentication. The LDAP certificate recently changed, and the new one doesn't have a "subject", although it has an "altName". This appears to be causing our app to reject the LDAP server.

The problem may be this reported node bug: https://github.com/nodejs/node/issues/11771

So possibly it has nothing to do with node-ldapauth-fork. However, I wanted to ask whether you're seeing this error with similar certificates, and whether there's a workaround for this.

vesse commented 7 years ago

Sorry, I don't have experience with this nor do I know if there's a workaround. The tlsOptions are passed directly through to ldapjs which passes them to tls.connect. If none of the TLS options in Node.js work, then I doubt there's much you could do.

evilfer commented 7 years ago

No problem, thank you for confirming that this issue is not related to this package. I'll close this now and keep an eye on the node reported bug :).
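
Because `tlsOptions` reaches `tls.connect` unchanged, the `checkServerIdentity` option of `tls.connect` can be set there. The sketch below is an added example, not code from this thread or from node-ldapauth-fork: it keeps certificate verification on and falls back to a strict SAN match only when the certificate has no subject fields. The function names, URL and hostnames are assumptions, and it assumes the only failure is the empty-subject check from the linked Node issue.

```javascript
const tls = require('tls');
const net = require('net');

// Strict match of a hostname against Node's subjectaltname string, e.g.
// "DNS:ldap.example.com, IP Address:10.0.0.5". Fails closed on quoted
// entries, which Node emits for names that contain separator characters.
function matchSan(hostname, subjectaltname) {
  const san = String(subjectaltname || '');
  const host = String(hostname).toLowerCase().replace(/\.$/, '');
  if (!host || san.includes('"')) return false;
  const entries = san.split(', ');
  // IP entries are compared as exact strings; anything else does not match.
  if (net.isIP(host)) return entries.includes('IP Address:' + host);
  return entries.some((entry) => {
    if (!entry.startsWith('DNS:')) return false;
    const name = entry.slice(4).toLowerCase();
    if (name === host) return true;
    // "*." may cover exactly one leftmost label, never a bare TLD.
    if (!name.startsWith('*.') || !name.slice(2).includes('.')) return false;
    const dot = host.indexOf('.');
    return dot > 0 && host.slice(dot + 1) === name.slice(2);
  });
}

// Replacement for tls.connect's checkServerIdentity option: accept the
// built-in verdict when it passes, and consult the SAN list only when the
// built-in check fails on a certificate whose subject is empty.
function checkServerIdentitySanFallback(hostname, cert) {
  const err = tls.checkServerIdentity(hostname, cert);
  if (!err) return undefined;
  const subjectEmpty = !cert.subject || Object.keys(cert.subject).length === 0;
  if (subjectEmpty && matchSan(hostname, cert.subjectaltname)) return undefined;
  return err; // any other mismatch is still rejected
}

// Hypothetical options object; the URL is a placeholder.
const ldapOptions = {
  url: 'ldaps://ldap.example.com:636',
  tlsOptions: {
    rejectUnauthorized: true, // chain validation stays enabled
    checkServerIdentity: checkServerIdentitySanFallback,
  },
};
```
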