Adding local Root CA Cert to AWX K3s

[Gregory Machin]

Hi ,

I have AWX running in K3s and I'm configuring LDAP authentication and would prefer to use SSL. 

I'm currently getting :

django_auth_ldap Caught LDAPError while authenticating <username>: SERVER_DOWN({'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': [], 'info': 'error:0A000086:SSL routines::certificate verify failed (unable to get local issuer certificate)'})

I have identified that the certificate used by the LDAP service is from our internal Certificate Authority. 

How do I install the Root Certificate to resolve this issue ?

Thank you

G

[Gregory Machin]

I tried this : 

awx-on-k3s/trust-custom-ca.md at main · kurokobo/awx-on-k3s (github.com)

and that changed the error 

 django_auth_ldap Caught LDAPError while authenticating <username>: SERVER_DOWN({'result': -1, 'desc': "Can't contact LDAP server", 'errno': 115, 'ctrls': [], 'info': 'Operation now in progress'})

I used ldapwhoami to confirm that the BInd username and password are correct.

Any thoughts ?

--
You received this message because you are subscribed to a topic in the Google Groups "AWX Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/awx-project/J4uGT1IlO7c/unsubscribe.
To unsubscribe from this group and all its topics, send an email to awx-project...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/awx-project/31bf4181-85d8-4c21-97e9-cd5fa8a4ff4bn%40googlegroups.com.

[Gregory Machin]

Resolved, installed the local CA Root and intermediate certificates using the following instructions   awx-on-k3s/trust-custom-ca.md at main · kurokobo/awx-on-k3s (github.com) 

If you need to get these certificate from an existing Windows machine you need to export in BASE64, as this is the same as PEM.

G