Anybody else having issues with LDAP as authentication server and using encrypted connections?
I made the update to 19.7.3 this morning and LDAP with StartTLS worked. After the upgrade, no authentication is possible any more. I also tried SSL, but neither works.
Changelog:
Quote
system: improve LDAPS mode and related authentication cleanups
Quote
opnsense: Could not startTLS on ldap connection [error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get issuer certificate),Connect error]
Edit:
Changed from StartTLS to SSL and vice versa. Changed hostnames of LDAP from subjectAlternative to main and back. Everything configured like before.
I do not know why, but now it works again. Very strange. All certificates in chain had been imported. Else I would say a cache has been deleted during upgrade and certificates got just fetched by a cron during my tests.
Worst case it required a reboot, best case a reconfigure as we don't do that automatically on upgrade. Some files were moved and function calls replaced.
Cheers,
Franco