Hi ,
I have AWX running in K3s and I’m configuring LDAP authentication and would prefer to use SSL.
I’m currently getting :
django_auth_ldap Caught LDAPError while authenticating : SERVER_DOWN({‘result’: -1, ‘desc’: “Can’t contact LDAP server”, ‘ctrls’: , ‘info’: ‘error:0A000086:SSL routines::certificate verify failed (unable to get local issuer certificate)’})
I have identified that the certificate used by the LDAP service is from our internal Certificate Authority.
How do I install the Root Certificate to resolve this issue ?
Thank you
G
I tried this :
awx-on-k3s/trust-custom-ca.md at main · kurokobo/awx-on-k3s (github.com)
and that changed the error
django_auth_ldap Caught LDAPError while authenticating : SERVER_DOWN({‘result’: -1, ‘desc’: “Can’t contact LDAP server”, ‘errno’: 115, ‘ctrls’: , ‘info’: ‘Operation now in progress’})
I used ldapwhoami to confirm that the BInd username and password are correct.
Any thoughts ?
Resolved, installed the local CA Root and intermediate certificates using the following instructions awx-on-k3s/trust-custom-ca.md at main · kurokobo/awx-on-k3s (github.com)
If you need to get these certificate from an existing Windows machine you need to export in BASE64, as this is the same as PEM.
G