LDAPS or LDAP+TLS support
Hello Team,
I deployed a Funkwhale 0.20.1 instance today with the Ansible playbook. So far so good: I managed to get LDAP working, but I could not make use of LDAPS or LDAP+TLS.
StartTLS:
LDAP_ENABLED=True
LDAP_START_TLS=True
LDAP_SERVER_URI=ldap://auth.digitank.eu:389
LDAP_BIND_DN="cn=funkwhale,ou=dsa,dc=digitank,dc=eu"
LDAP_BIND_PASSWORD='password'
LDAP_ROOT_DN="ou=users,dc=digitank,dc=eu"
Funkwhale logs:
nov. 06 16:23:08 funkwhale gunicorn[1741]: 2019-11-06 15:23:08,961 django_auth_ldap WARNING Caught LDAPError while authenticating paucur: CONNECT_ERROR({'desc': 'Connect error', 'info': '(unknown error code)'})
OpenLDAP logs:
5dc2e55c conn=1014 fd=16 ACCEPT from IP=172.16.110.16:34808 (IP=0.0.0.0:389)
5dc2e55c conn=1014 op=0 EXT oid=1.3.6.1.4.1.1466.20037
5dc2e55c conn=1014 op=0 STARTTLS
5dc2e55c conn=1014 op=0 RESULT oid= err=0 text=
5dc2e55c conn=1014 fd=16 TLS established tls_ssf=256 ssf=256
LDAPS:
LDAP_ENABLED=True
LDAP_SERVER_URI=ldaps://auth.digitank.eu:636
LDAP_BIND_DN="cn=funkwhale,ou=dsa,dc=digitank,dc=eu"
LDAP_BIND_PASSWORD='password'
LDAP_ROOT_DN="ou=users,dc=digitank,dc=eu"
Funkwhale logs:
nov. 06 16:32:37 funkwhale gunicorn[1799]: 2019-11-06 15:32:37,066 django_auth_ldap WARNING Caught LDAPError while authenticating paucur: SERVER_DOWN({'desc': "Can't contact LDAP server", 'info': '(unknown error code)'})
OpenLDAP logs:
5dc2e795 conn=1015 fd=16 ACCEPT from IP=172.16.110.16:54940 (IP=0.0.0.0:636)
5dc2e795 conn=1015 fd=16 TLS established tls_ssf=256 ssf=256
I'm using the latest OpenLDAP (2.4.48) with a Let's Encrypt certificate, and I have no trouble doing LDAPS or LDAP+TLS with other apps.
Thank you