Auth against ldaps does not accept cert

Icinga Web 2
1

Hi there,

i just installed icinga2 on centos8 and tried to use our ldaps as auth-source.

the host itself uses ldaps, so there is no networkissue.
i tried the proxy-user and pw similiar to the systemwirde, but by testing the config, i get a connection-error. it seems, the icinga-ldap-client does not accept the ssl-cert provided by the ldaps-server.

i tried to add “TLS_REQCERT never” to /etc/ldap.conf even as its not, what one want to have, but it does not help anyway. where can i define the server-cert that should be accepted by icinga2?
i use (and have to use) ldaps not starttls

any hints?

regards
andreas

1 Like
2

Hi and welcome,

Since support for RHEL/Centos8 has only recently started, keep in mind that you might have hit a bug that needs to be reported.

Similar issues have been reported in the past and IIRC it has to do with PHP LDAP support. Try to enable some debugging in php.ini and see what the logs have to say.

Cheers,
George

1 Like