Gitea unable to login with LDAP TLS enabled (without ticking "Skip TLS Verify")

hutsys · September 27, 2023, 8:58am

Hi ,

We are able to make gitea login work without LDAP TLS enabled. But when we enable TLS, by adding security protocol start TLS, we are forced to tick "Skip TLS Verify" to make login working.

The error logs in openldap /var/log/slapd.log is as follows. Any help to enable TLS properly with gitea.

-regards
hutsys

[27-09-2023 14:08:37] slapd debug conn=3712 fd=80 ACCEPT from IP=192.xxx.xxx.xxxx:38436 (IP=0.0.0.0:389)
[27-09-2023 14:08:37] slapd debug conn=3712 op=0 EXT oid=1.3.6.1.4.1.1466.20037
[27-09-2023 14:08:37] slapd debug conn=3712 op=0 STARTTLS
[27-09-2023 14:08:37] slapd debug conn=3712 op=0 RESULT oid= err=0 qtime=0.000010 etime=0.000061 text=
[27-09-2023 14:08:37] slapd debug conn=3712 fd=80 closed (TLS negotiation failure)

jake · October 7, 2023, 3:57pm

Is LDAP server’s TLS certificate trusted on Gitea server? If it working with TLS but skipping verify, then it must be server running Gitea does not trust LDAP server certificate.

Topic		Replies	Views
Migrating from Gitlab - Cannot get LDAP authentication to work General	2	3182	September 27, 2018
Ldap configuration not working Install/Maintain/Configure	2	2217	May 27, 2020
Gitea tries to log in locally despite ldap config General	1	379	August 12, 2020
Gitea LDAP not working Install/Maintain/Configure	1	1041	January 4, 2024
Unable to connect to our LDAP General	15	14139	December 28, 2022

Gitea unable to login with LDAP TLS enabled (without ticking "Skip TLS Verify")

Related Topics