Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAPS #14

Open
jonny190 opened this issue May 2, 2019 · 4 comments
Open

LDAPS #14

jonny190 opened this issue May 2, 2019 · 4 comments

Comments

@jonny190
Copy link

jonny190 commented May 2, 2019

How can this be used with LDAPS i can't see a way of adding the CA
@el3ctrician
Copy link

same issue here ! +1

@posteingang
Copy link

I created a workaround for me in Kubernetes. Maybe it helps:

configmap.yaml

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: self-service-password-ldap
  namespace: default
data:
  ldap.conf: |
    TLS_REQCERT allow

deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sspw-wads-self-service-password
  namespace: "default"
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app.kubernetes.io/name: self-service-password
        app.kubernetes.io/instance: sspw
    spec:
      volumes:
      - name: ldap-conf
        configMap:
          name: sspw-wads-self-service-password-ldap
      containers:
        - name: self-service-password
          volumeMounts:
          - mountPath: /etc/openldap
            name: ldap-conf
          image: "tiredofit/self-service-password:5.0.2"
[ ... ]

@avoidik
Copy link

avoidik commented May 9, 2020

Another option is to import required files into the container

FROM tiredofit/self-service-password:5.0.3

COPY tls/ca.pem /etc/ssl/certs/ca.pem
COPY ldap.conf /etc/openldap/ldap.conf
TLS_CACERT  /etc/ssl/certs/ca.pem
TLS_REQCERT try

@TheUdK
Copy link

TheUdK commented Jun 17, 2021

I created a workaround for me in Kubernetes. Maybe it helps:

configmap.yaml

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: self-service-password-ldap
  namespace: default
data:
  ldap.conf: |
    TLS_REQCERT allow

deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sspw-wads-self-service-password
  namespace: "default"
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app.kubernetes.io/name: self-service-password
        app.kubernetes.io/instance: sspw
    spec:
      volumes:
      - name: ldap-conf
        configMap:
          name: sspw-wads-self-service-password-ldap
      containers:
        - name: self-service-password
          volumeMounts:
          - mountPath: /etc/openldap
            name: ldap-conf
          image: "tiredofit/self-service-password:5.0.2"
[ ... ]

Has this worked for anyone? I have set the configmap and it works on container start. Still getting SSL errors on Debug.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@avoidik @jonny190 @TheUdK @el3ctrician @posteingang