Hi everyone
Does anyone have LDAP 2.6.2 in production environment?
It is not possible to self-certify LDAP and connect between servers with Rocky 9 and sssd without a valid certificate.
We are implementing this version 2.6.2 on a vm with Rocky 9 and to connect from old Centos 7 there is no problem through authconfig but with Rocky9 and sssd it is not possible if it does not have a valid certificate.
I have tried several methods to self-certify but the log says that it is not valid as a certificate. Does anyone have a valid method to create the certificate on the same server as a verified identity instead of buying one?
According to the ldap-sssd documentation sssd-ldap(5): config file for SSSD - Linux man page
LDAP back end supports id, auth, access and chpass providers. If you want to authenticate against an LDAP server either TLS/SSL or LDAPS is required. sssd does not support authentication over an unencrypted channel. If the LDAP server is used only as an identity provider, an encrypted channel is not needed. Please refer to “ldap_access_filter” config option for more information about using LDAP as an access provider.
Stay tuned to your comments
Thank you