Bug #15588

closed

The picking of CA in the LDAP config is inconsistent.

Added by Lev Prokofev 5 months ago. Updated 5 months ago.

Status: Duplicate
Priority: Normal
Assignee: -
Category: Authentication
Target version: -
% Done: 0%
Release Notes: Default

Description

It appears that the picking of the CA is inconsistent. I have various CAs, and only one is valid for the communication with Windows AD.
If I change the CA to any other, I am still able to send requests to the LDAP server, and in certain cases, the valid LDAP cert will not be picked even if it is set, which leads to an auth failure with an error (Unknown CA).
I attached the GIF that shows the behavior:

https://nc.netgate.com/nextcloud/s/GKgcMfM9pLQjCLW

Tested on:

24.03-RELEASE (amd64)
built on Mon May 13 15:17:00 MSK 2024
FreeBSD 15.0-CURRENT


Related issues

Is duplicate of Bug #15060: LDAP bind fails when authentication servers use different CA chains (New)

Actions #1

Updated by Christopher Cope 5 months ago

As mentioned in the troubleshooting section, you may need to restart PHP and the GUI for the changes to take effect.

https://docs.netgate.com/pfsense/en/latest/troubleshooting/authentication.html#restart-php-and-the-gui

Please confirm that doing this fixes the issues you are seeing.

Actions #2

Updated by Lev Prokofev 5 months ago

Even after restarting PHP and the GUI, the behavior was inconsistent. I set the wrong cert (R3), saved, restarted PHP and the GUI, and the query was still working.

Actions #3

Updated by Jim Pingle 5 months ago

  • Status changed from New to Duplicate

Seems to be one we already have an issue open for: #15060

Actions #4

Updated by Jim Pingle 5 months ago

  • Is duplicate of Bug #15060: LDAP bind fails when authentication servers use different CA chains added