Dear All,
When I configure authentication using LDAPS I see this error below.
2019-09-26 15:56:06,996 DEBUG django_auth_ldap Initiating TLS
2019-09-26 15:56:07,039 WARNING django_auth_ldap Caught LDAPError while authenticating myusername: SERVER_DOWN({‘info’: ‘error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate)’, ‘desc’: “Can’t contact LDAP server”},)
But I do have provided the valid certificate.
my LDAP configuration did not show drop down list for LDAP Group Type, what might be the problem?
But Authentication using LDAP works well, with no TLS switch enable.
Any help will be appreciated?
I think you might be seeing a bug we recently fixed: https://github.com/ansible/awx/pull/4190
What version of AWX are you on?
Nilesh,
You’ll likely have to upgrade AWX to work around this bug - the version you’re on was released about a year ago now, and the reason you’re seeing the error is that this version of AWX is on an older version of Django we updated from awhile ago.
I am getting below error still in Ansible Tower
“Can’t contact LDAP server”, ‘info’: ‘error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate)’},
Ansible Tower version is 3.7.0
If you are on tower 3.7.0 you can open a ticket with red hat support instead of waiting for help in the community mailing list.
-John
I have seen this before. Our issue was related to selinux on our not being mapped properly on the host
We already scheduled meeting with red hat officials to show our LDAP setup and asking for their opinion. I guess the issue is with LDAP certs that we have updated yesterday. Seems working fine now. Anyway scheduled a meeting with rehat support team.