• 11

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Trying to use an openLdap docker image for SSL

I'm trying to use docker to create a openldap server than I can connect to over our intranet. I've set it up to run as host so that it doesn't cause any network issues and we can use the network DNS. I'm using this image https://github.com/osixia/docker-openldap

Here's the code I use to launch the container;

 docker run --net=host --name arq --hostname <fqdn of host server>  --env LDAP_ORGANISATION="arq" --env LDAP_DOMAIN="<fqdn of host server>" --env LDAP_ADMIN_PASSWORD="<testpw>"  --volume /docker/ldap3/ldap:/var/lib/ldap --volume /docker/ldap3/slapd:/etc/ldap/slapd.d  --detach osixia/openldap

I stress that this works perfectly over port 389 for unencrypted communications. Nmap from another machine shows ports for 389 and 636 as being open for tcp.

I know the certificate in use will be self-signed, so I've tried to take that into account in the request. I've been trying to connect using;

LDAPTLS_REQCERT=never ldapsearch -d2 -H ldaps://<fqdn of host server> -x -D "uid=james,<fqdn of host server>" -W

The failure I get is;

TLS: can't connect: The TLS connection was non-properly terminated.. ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

Regardless of if I'm setting LDAPTLS_REQCERT

The command;

openssl s_client -connect orthanctest.sth.nhs.uk:636 -showcerts


depth=1 C = US, O = A1A Car Wash, OU = Information Technology Dep., L = Albuquerque, ST = New Mexico, CN = docker-light-baseimage
verify error:num=19:self signed certificate in certificate chain
verify return:0
140309985457808:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:

Any ideas how to get this to work, or is this just not possible?

Trending Tags