wheelybird / openvpn-server-ldap-otp

A dockerised OpenVPN server using LDAP for authentication, with optional 2FA via Google Authenticator
MIT License

TLS false. Help me!! #66

Open N-LamTruong opened 1 year ago

N-LamTruong commented 1 year ago

I don't know where I went wrong

1. Docker-compose.yml:

```yaml
version: '3.8'
services:
  openvpn-ldap-otp:
    image: 'wheelybird/openvpn-ldap-otp:latest'
    container_name: openvpn-ldap-otp
    cap_add:
```

2. Client config file (the certificate and static key are inline; their bodies are replaced with xxx):

```
client
tls-client
dev tun
persist-key
persist-tun
remote-cert-tls server
key-direction 1
auth SHA512
auth-nocache
proto udp
reneg-sec 0
redirect-gateway def1
auth-user-pass
verb 3
remote openvpn.xxx.com 1194 udp
float
nobind
<ca>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</ca>
#
# 2048 bit OpenVPN static key
#
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
xxx
-----END OpenVPN Static key V1-----
</tls-auth>
key-direction 1
```

3. Client logs:

```
Mon May 29 09:39:07 2023 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Mon May 29 09:39:07 2023 TLS Error: TLS handshake failed
Mon May 29 09:39:07 2023 SIGUSR1[soft,tls-error] received, process restarting
Mon May 29 09:39:07 2023 Restart pause, 5 second(s)
```
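An added example, not code from the issue or from the project: a small Python checker for the client-side settings whose absence or mismatch produces exactly this "TLS key negotiation failed to occur within 60 seconds" timeout (a server configured with a static tls-auth key silently drops packets that lack the HMAC, so the client sees the same symptom as a blocked port). The sample config is constructed to mirror the one above, and the function names and finding texts are assumptions of this example.

```python
import re

# Constructed sample modelled on the config in the issue; cert and key bodies are xxx as in the post.
SAMPLE_OVPN = """client
key-direction 1
proto udp
remote openvpn.xxx.com 1194 udp
<ca>
xxx
</ca>
<tls-auth>
xxx
</tls-auth>
key-direction 1
"""

def parse_ovpn(text):
    """Split a config into (directive, args) pairs and inline <tag> blocks."""
    directives, blocks, current = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tag = re.fullmatch(r"<(/?)([a-z-]+)>", line)
        if tag:  # opening or closing inline block such as <ca> ... </ca>
            current = None if tag.group(1) else tag.group(2)
            if current:
                blocks[current] = []
        elif current:
            blocks[current].append(line)
        else:
            name, *args = line.split()
            directives.append((name, args))
    return directives, blocks

def check_client_config(text):
    """Return findings that explain a 'TLS key negotiation failed' timeout."""
    directives, blocks = parse_ovpn(text)
    names = [n for n, _ in directives]
    findings = []
    if "tls-auth" not in blocks and "tls-crypt" not in blocks:
        findings.append("no <tls-auth>/<tls-crypt>: a server using a static key drops unauthenticated packets")
    if "tls-auth" in blocks and "key-direction" not in names:
        findings.append("<tls-auth> present but key-direction missing")
    protos = {a[0] for n, a in directives if n == "proto"}
    protos |= {a[2] for n, a in directives if n == "remote" and len(a) > 2}
    if len(protos) > 1:
        findings.append("proto and remote disagree: " + ", ".join(sorted(protos)))
    return findings
```

Run `check_client_config(open("client.ovpn").read())` against the real file; an empty list means the client side carries the static key and a consistent protocol, so the remaining suspects are the server's key, firewall, or port mapping.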

wheelybird commented 1 year ago

Hi. Does your LDAP server expect TLS to be enabled?

N-LamTruong commented 1 year ago

> Hi. Does your LDAP server expect TLS to be enabled?

No, I just use http image

wheelybird commented 1 year ago

I meant the LDAP server itself (not any kind of web GUI). You've got the LDAP URI set as ldap://xxx.xxx.xxx.xxx; it's possible that the server doesn't accept non-encrypted connections. You might need to enable TLS or connect with ldaps.