Can't contact LDAP server

ShowMeYourSkil · August 30, 2023, 10:36am

Hello all,

i’ve a strange Problem with bei LDAP/S authentification.

I want to equip the LDAP in Icinga with LDAPS encryption. Now I get the following message during the configuration validation:

Failed to successfully validate the configuration: LDAP bind (Icinga2 / ***) to ldaps://DC01.test.de:636 failed: Can't contact LDAP server.

However, I can read out the AD via LDAPSearch using the CLI.

ldapsearch -H ldaps://DC01.test.de:636 -x -W -d8 -D "" -b ""

Do you have any idea how I can fix the problem’?

ShowMeYourSkil · August 30, 2023, 10:54am

New knowledge:

I import the RootCA successfully. The first Validate Configuration check in Icinga is successful and the second one is not.

log1c · August 30, 2023, 12:36pm

What do you mean be first and second validation check?

Did you update the internal CA storage? update-ca-trust or the like?

ShowMeYourSkil · September 5, 2023, 6:34am

Strange problem. After I reinstalled the CA on the server and converted the root CA .crt to a .PEM, it suddenly worked.

update-ca-trust unfortunately didn’t help at first either. So far, the problem has only occurred on this Linux server. It seemed to be a bug on the Linux system.

Thanks for your help!