Enabling LDAPS

With bitnami/openldap:2.6.7, the configured LDAPS setting does not take effect and the following error is logged:

65d6f158.2ab5d366 0x7f848a63b700 conn=1000 fd=14 ACCEPT from IP=192.168.14.1:34042 (IP=0.0.0.0:1636)
65d6f158.2af14816 0x7f848a63b700 TLS: init_def_ctx: .
65d6f158.2af22131 0x7f848a63b700 conn=1000 fd=14 closed (TLS negotiation failure)

nginx has to be used as a proxy to enable LDAPS:

stream {
    upstream ldap_backend {
        server 192.168.15.14:1389; # Port where Casdoor LDAP server is running
    }

    server {
        listen 1636 ssl; # LDAPS port
        ssl_certificate /etc/nginx/conf.d/ldap.crt; # SSL certificate
        ssl_certificate_key /etc/nginx/conf.d/ldap.key; # SSL private key

        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers HIGH:!aNULL:!MD5;

        proxy_pass ldap_backend;
    }
}
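
A client-side check for the proxy configured above, added here as an example (not part of the original post): it completes a verified TLS 1.2+ handshake on the LDAPS port and sends an anonymous LDAP bind through nginx to confirm that the backend answers. The function names are this example's own; pass the proxy host and, for a self-signed certificate, the path to a copy of ldap.crt as the CA file.

```python
import socket
import ssl
import sys

# Anonymous simple BindRequest (LDAPv3, messageID 1), BER-encoded.
ANON_BIND = bytes.fromhex("300c020101600702010304008000")


def tls_context(cafile=None):
    """Client context: verify chain and hostname, refuse anything below TLS 1.2."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def _tlv(buf, i, tag):
    """Check the BER tag at buf[i]; return (content length, content start index)."""
    if len(buf) < i + 2 or buf[i] != tag:
        raise ValueError(f"expected tag 0x{tag:02x} at offset {i}")
    first = buf[i + 1]
    if first < 0x80:                        # short-form length
        return first, i + 2
    n = first & 0x7F                        # long-form: n length bytes follow
    return int.from_bytes(buf[i + 2:i + 2 + n], "big"), i + 2 + n


def parse_bind_response(buf):
    """Return the LDAP resultCode of a BindResponse; ValueError if it is not one."""
    _, i = _tlv(buf, 0, 0x30)               # LDAPMessage SEQUENCE
    n, i = _tlv(buf, i, 0x02)               # messageID INTEGER
    _, i = _tlv(buf, i + n, 0x61)           # [APPLICATION 1] BindResponse
    n, i = _tlv(buf, i, 0x0A)               # resultCode ENUMERATED
    if n == 0 or len(buf) < i + n:
        raise ValueError("truncated resultCode")
    return int.from_bytes(buf[i:i + n], "big")


def check_ldaps(host, port=1636, cafile=None, timeout=5):
    """Handshake with the proxy, then bind anonymously through it to the backend."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with tls_context(cafile).wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(ANON_BIND)
            reply = tls.recv(4096)
            return tls.version(), tls.cipher()[0], parse_bind_response(reply)


if __name__ == "__main__":
    # usage: python check_ldaps.py <proxy-host> [path-to-ca-or-ldap.crt]
    print(check_ldaps(sys.argv[1], cafile=sys.argv[2] if len(sys.argv) > 2 else None))
```

A result code of 0 means the bind succeeded; a non-zero code such as 48 still shows that the LDAP backend answered through the TLS listener.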