Google SLDAP integration complains "state=error: certificate verify failed (self signed certificate)"

Problem to solve

I’ve followed all of the instructions on integrating Google SLDAP into GitLab, as per the GitLab instructions. However, when I attempt to authenticate using the Secure LDAP feature, I get this error:

Could not authenticate you from Ldapmain because “Ssl connect returned=1 errno=0 peeraddr=216.239.32.58:636 state=error: certificate verify failed (self signed certificate)”.

I used the same certificate that Google Admin page gave me when setting up the LDAP server, so I don’t understand the issue.

1 Like

Well I figured it out. When using Google’s SecureLDAP it uses SNI. The default openssl version being used by the ldap configuration in gitlab.rb doesn’t support that… so you have to set ssl_version to “TLSv1_2” for it to work… you’re welcome :wink: