LDAP auth troubleshooting

Trying to set up LDAP auth on my new Mastodon instance, and receiving the following:

Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337] Chewy request strategy is `custom_sidekiq`
Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337] method=POST path=/auth/sign_in format=html controller=Auth::SessionsController action=create status=500 error='Net::LDAP::Error: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3/TLS write client hello' duration=6.07 view=0.00
Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337]
Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337] Net::LDAP::Error (SSL_connect SYSCALL returned=5 errno=0 state=SSLv3/TLS write client hello):
Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337]
Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337] app/models/concerns/ldap_authenticable.rb:11:in `authenticate_with_ldap'
Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337] app/controllers/auth/sessions_controller.rb:64:in `find_user'
Apr 19 21:33:08 federated bundle[5049]: [54152d03-4f9a-438d-8ccc-3c5a1180d337] app/controllers/concerns/sign_in_token_authentication_concern.rb:11:in `sign_in_token_required?'

Here is my LDAP config:

LDAP_ENABLED=true
LDAP_HOST=auth.wapnet.local.lan
LDAP_PORT=389
LDAP_METHOD=simple_tls
LDAP_TLS_NO_VERIFY=true
LDAP_BASE=ou=people,dc=wapnet,dc=local,dc=lan
LDAP_BIND_DN=cn=readonly,ou=people,dc=wapnet,dc=local,dc=lan
LDAP_PASSWORD=****
LDAP_UID=uid
LDAP_SEARCH_FILTER=(|(%{uid}=%{email})(%{mail}=%{email}))
LDAP_MAIL=mail
LDAP_UID_CONVERSTION_ENABLED=true

Advice is very welcome.

Looks like the SSL connection gets closed down immediately after connection.

Can you try LDAP_METHOD=start_tls instead?
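
An added diagnostic, not part of the original posts or of Mastodon's code: with `simple_tls` the client sends a TLS ClientHello as the first bytes on the connection, while `start_tls` connects in plaintext and asks the server to upgrade. This standard-library Ruby sketch probes which of the two a given host and port accepts; the function names are made up for this example.

```ruby
require "socket"
require "openssl"
require "timeout"

# LDAPv3 StartTLS ExtendedRequest (RFC 4511), messageID 1, OID 1.3.6.1.4.1.1466.20037.
STARTTLS_REQ = (["301d02010177188016"].pack("H*") + "1.3.6.1.4.1.1466.20037").b

def ber_header(b, i) # one BER tag/length at offset i -> [tag, content_offset, content_length]
  tag, len = b.fetch(i), b.fetch(i + 1)
  return [tag, i + 2, len] if len < 0x80
  n = len & 0x7f # long form: the next n bytes hold the length
  [tag, i + 2 + n, b[i + 2, n].to_a.inject(0) { |acc, x| (acc << 8) | x }]
end

# True when reply is an ExtendedResponse (tag 0x78) whose resultCode is success (0).
def starttls_accepted?(reply)
  b = reply.to_s.bytes
  tag, i, = ber_header(b, 0)        # LDAPMessage SEQUENCE
  return false unless tag == 0x30
  tag, i, len = ber_header(b, i)    # messageID INTEGER
  return false unless tag == 0x02
  tag, i, = ber_header(b, i + len)  # protocolOp
  return false unless tag == 0x78
  tag, i, len = ber_header(b, i)    # resultCode ENUMERATED
  tag == 0x0a && len == 1 && b.fetch(i).zero?
rescue IndexError
  false
end

# Plaintext connect, then request StartTLS: the first step of LDAP_METHOD=start_tls.
def probe_starttls(host, port, timeout: 5)
  Socket.tcp(host, port, connect_timeout: timeout) do |s|
    s.write(STARTTLS_REQ)
    IO.select([s], nil, nil, timeout) ? starttls_accepted?(s.readpartial(512)) : false
  end
rescue StandardError # refused, reset, closed or timed out: this mode is not offered
  false
end

# TLS ClientHello as the first bytes on the wire: what LDAP_METHOD=simple_tls does.
def probe_implicit_tls(host, port, timeout: 5)
  Socket.tcp(host, port, connect_timeout: timeout) do |s|
    ctx = OpenSSL::SSL::SSLContext.new
    ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # handshake probe only, nothing is sent over it
    Timeout.timeout(timeout) { OpenSSL::SSL::SSLSocket.new(s, ctx).connect }
    true
  end
rescue StandardError # includes the SSL_connect failure a plaintext-only port produces
  false
end
```

Run both probes against the `LDAP_HOST` and `LDAP_PORT` in use and set `LDAP_METHOD` to the mode that returns true. The probe skips certificate verification only because it sends no data; for real binds, leaving verification on (no `LDAP_TLS_NO_VERIFY=true`) is what protects the bind password from an on-path attacker.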
