LDAPS configuration issue

Dear All,

I followed the complete documentation to configure LDAP and it’s working fine, but when I change the TLS setting to ON I am getting a connection error for that server.

2019-06-28 17:37:43,200 DEBUG django_auth_ldap Initiating TLS

2019-06-28 17:37:43,208 WARNING django_auth_ldap Caught LDAPError while authenticating someuser: CONNECT_ERROR({'info': 'error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate)', 'desc': 'Connect error'},)

2019-06-28 17:37:43,235 DEBUG django_auth_ldap Initiating TLS

I also provided the path of the certificate as below; not sure what is missing.

Any help would be appreciated.

"AUTH_LDAP_CONNECTION_OPTIONS": {
    "OPT_NETWORK_TIMEOUT": 30,
    "OPT_REFERRALS": 0,
    "OPT_X_TLS_NEWCTX": 0,
    "OPT_X_TLS_CACERTFILE": "/etc/openldap/cacerts/mycertsvr.cer"
},

Nilesh,

I suspect you’re hitting a bug I’m actually currently investigating.

Does this patch resolve things for you?

https://github.com/ansible/awx/pull/4190

Hi Ryan,

I haven’t applied this patch. Do you see any risk?

Nilesh,

We’ve just released a new version of AWX (6.0.0) that includes a change that I believe will resolve this for you.

Thank you Ryan,
I appreciate your response, and I saw your notification as well. We will plan to deploy the new version once we get a maintenance window for the same.