TLS Auth

[ghost]

Hi guys!

I had great success in deploying Let's Chat with LDAP auth with our Active Directory, as
long as i have manually turned off the "require LDAP server signing" option in group policies.
It seems that our default domain policy requires TLS auth.
I have seen an option for a tls cert in the first example.

  tlsOptions:
   ca: ca.pem

How or which certificate i have to export to the Let's Chat directory?
Can someone help?
Thanks

[gwarf]

Hi,
I also tried to used an ldap + tls connection but wasn't able to use one, it seems that the ldapjs version used as no support for the startssl ldap extended operation. (starttls was added to ldapjs but has not yet been pacakged...)
So I had to switch to ldaps usage, but it seems that the ca option has no effect. I presume that the certificate of the CA signing the server cert should be specified but it does not work.
(Confusion between ldap + tls and ldaps is really common, see http://www.openldap.org/faq/data/cache/605.html and http://www.openldap.org/faq/data/cache/185.html )
Currenlty the only way I find to make ldaps work was to add the following line to the main app.js file:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; 

I found it here: http://stackoverflow.com/questions/25171613/ldap-bind-error-using-node-js-and-ldapjs and request/request#418

[hhaidar]

Would pointing ldapjs in package.json to master help?

[gwarf]

It could, I do not have much time for testing this, so...