On the administration page, Configure Application > Configure LDAP lets you configure the system to allow LDAP users.
You need to enter:
- Address, protocol, and port
- LDAP prefix/postfix
Custom certificates
You may need to enable the use of custom SSL certificates when querying LDAP servers that use self-signed certificates.
Configuration on IIS
To configure custom SSL certificates on IIS you simply need to install them in the Windows certificate store.
Configuration on Docker
To configure custom SSL certificates in the containerized version you have different options:
Configuration via environment variable
You can pass to the container, via environment variable, up to 9 different certificates.
Simply define up to 9 environment variables with the following name: LDAP_CERT_N (where N can go from 1 to 9) containing the certificate in the Base64 format.
Example:
LDAP_CERT_1= -----BEGIN CERTIFICATE----- MIIDZjCCAk6gAwIBAgIQHeHfN1k8EJNBP/ojhRvV0TANBgkqhkiG9w0BAQsFADAz ... ... ... WlooX91akYAPDtABzt6dPfS63jrQYN8bnPnPMffu/jTIiEuS7lWa7Kud4rAP28oU UdT6xfJvTRlhtQ== -----END CERTIFICATE-----
Configuration via secret
Configuration via secrets is especially useful when using a compose type of deployment.
Similarly to the environment variable configuration, define up to 9 secrets with the following name: LDAP_CERT_N (where N can go from 1 to 9) either containing the certificate in the Base64 format or pointing to a file with such content. (Docker secret configuration)
If you are having problem with certificate validation on Docker you can pass the environment variable LDAPTLS_REQCERT=never to disable certificate validation.
When defining custom certificates either via environment variables or via secret, the container will print information regarding the certificates found.