Hi! I use latest Gitlab-ee_Omnibus verison (29.03.2020) Ubuntu 18.04
I want to start to use ldap. I enable it and that work well but not work ssl certificate verify.
###! remember to close this block with ‘EOS’ below
gitlab_rails[‘ldap_servers’] = YAML.load <<-‘EOS’
main: # ‘main’ is the GitLab ‘provider ID’ of this LDAP server
label: ‘LDAP’
host: ‘pdc01.sos.it.ee’
port: 636
uid: ‘sAMAccountName’
bind_dn: ‘CN=ldap gitlab,CN=Users,DC=SOS,DC=IT,DC=EE’
password: ‘Pa$w0rd1234’
encryption: “simple_tls”
verify_certificates: false
active_directory: true
allow_username_or_email_login: true
lowercase_usernames: true
block_auto_created_users: false
base: ‘OU=Gitlab INT,DC=SOS,DC=IT,DC=EE’
user_filter: ‘’
## EE only
group_base: ‘OU=Global Groups,OU=Gitlab INT,DC=SOS,DC=IT,DC=EE’
admin_group: ‘Global Admins’
If I change verify_certificates: true I get error: ssl connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issue certificate)
I try resolv it so:
openssl s_client -connect pdc01.sos.it.ee:636 -showcerts </dev/null 2>/dev/null | openssl x509 -outform PEM > ad_ldap_server.pem
sudo cp ad_ldap_server.pem /usr/share/ca-certificates/ad_ldap_server.crt
sudo dpkg-reconfigure ca-certificates
sudo update-ca-certificates
But It don't help. :(
What is possible to resolve this problem?