ldap: add option for ldap starttls support
This commit is contained in:
parent
1ebc53529a
commit
df40447616
|
@ -290,6 +290,7 @@ Variable | Description | Example
|
|||
`LDAP_TLS_CHECK_PEER` | Require and verify LDAP server certificate | 1
|
||||
`LDAP_TLS_CACERT_FILE` | Path to CA cert file. Used when server certificate verify is enabled | /etc/ssl/certs/ca-certificates.crt
|
||||
`LDAP_TLS_CACERT_DIR` | Path to CA certs directory. Used when server certificate verify is enabled. | /etc/ssl/certs
|
||||
`LDAP_START_TLS` | Enable START_TLS, requires LDAPv3, URL must be ldap:// not ldaps:// | 0
|
||||
|
||||
#### Authentication using JWT tokens
|
||||
|
||||
|
|
|
@ -69,6 +69,7 @@ services:
|
|||
- LDAP_TLS_CHECK_PEER
|
||||
- LDAP_TLS_CACERT_FILE
|
||||
- LDAP_TLS_CACERT_DIR
|
||||
- LDAP_START_TLS
|
||||
- XMPP_DOMAIN
|
||||
- XMPP_AUTH_DOMAIN
|
||||
- XMPP_GUEST_DOMAIN
|
||||
|
|
|
@ -134,6 +134,9 @@ TZ=Europe/Amsterdam
|
|||
# Path to CA certs directory. Used when server sertificate verify is enabled.
|
||||
#LDAP_TLS_CACERT_DIR=/etc/ssl/certs
|
||||
|
||||
# Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps://
|
||||
# LDAP_START_TLS=1
|
||||
|
||||
|
||||
#
|
||||
# Advanced configuration options (you generally don't need to change these)
|
||||
|
|
|
@ -19,3 +19,6 @@ ldap_tls_ciphers: {{ .Env.LDAP_TLS_CIPHERS }}
|
|||
{{ end }}
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{ if .Env.LDAP_START_TLS | default "0" | toBool }}
|
||||
ldap_start_tls: yes
|
||||
{{ end }}
|
||||
|
|
Loading…
Reference in New Issue