No TLS / STARTTLS with LDAP

[Perflyst]

Currently it is not possible to use a local LDAP server, e.g. "url": "ldap://127.0.0.1"

First of all the error does not tell you that there is an issue with the encrypted connection

Error: Could not determine UUID for LDAP user.
Check that either uidNumber, uid or sAMAccountName is set in your LDAP directory or use another unique attribute and configure it using the "useridField" option in ldap settings.

Please add a way to connect "PLAIN" or accept the ssl certificate even if it is for another hostname.
Current workaround:
/etc/hosts
127.0.0.1 ldap.domain.tld

[alecdwm]

Hey @Perflyst!
Has your custom TLS cert been signed by some root ca?
If so, you should be able to specify the path to the root ca certificate as detailed here:
https://www.npmjs.com/package/passport-ldapauth#active-directory-over-ssl-example

{
  url: "ldaps://localhost",
  bindDN: "...",
  bindCredentials: "...",
  searchBase: "...",
  searchFilter: "...",
  searchAttributes: ["..."],
  tlsOptions: {
    ca: [
      fs.readFileSync("/path/to/root_ca_cert.crt")
    ]
  }
}

[Perflyst]

I would say this does not matter here? It is not signed for localhost nor the IP address so CodiMD crashes because of this?

[alecdwm]

Ah. If you want to disable the verification of TLS certificates entirely, you could try:

{
  url: "ldaps://localhost",
  bindDN: "...",
  bindCredentials: "...",
  searchBase: "...",
  searchFilter: "...",
  searchAttributes: ["..."],
  tlsOptions: {
    rejectUnauthorized: false,
  }
}

[Perflyst]

Worked, thanks.