Messages - tmbopn

#1
Development and Code Review / Re: CRON entry for WOL
August 30, 2020, 11:46:54 AM
Thanks for the guidance, it is exactly what I was looking for. Wondering why this is not standard in OPNsense.

Hint: don't use a hyphen "-" in the description, it won't let you save the cron job.
#2
Thanks for the comments which triggered that I had to learn a bit more about the Certificate Authority. I created one in OPNsense and created also a server certificate - both self-signed. Then I exported the server certificate and imported it to the LDAP server. Now it works.

#3
Quote from: bartjsmit on April 07, 2020, 09:48:10 AM
Try System, Trust, Certificates, Add

I already did this. When I configured LDAP I also manually imported the certificate from the LDAP server into OPNsense.
#4
20.1 Legacy Series / LDAP / self signed certificate
April 07, 2020, 08:22:15 AM
Hi,

Not sure if the following is a bug or a result of hardening.

I try to connect the OPNsense user authentication with an LDAP server and need to use a TLS connection since the OpenLDAP server does not provide the required fields with anonymous logon. I can reach the server but unfortunately the TLS connection does not connect since the LDAP server uses a self-signed certificate. The opnsense log shows:

opnsense: Could not startTLS on ldap connection [error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (self signed certificate),Connect error]

I could not find a checkbox which allows accepting self-signed certificates. Is there a workaround (maybe in the shell) to accept the certificate once to have it validated?

Thanks
  TMB