To me, it looks like there's an issue with the certificate configuration. What process did you go through to configure a CA certificate on the remote server? And to configure a client certificate for Vault to use when calling it? I'd be looking very carefully at those steps.
When we were configuring the certificate on a remote AD instance hosted by Azure, we found it was a bit tricky, at least for us. If you head into your remote instance, open PowerShell as an administrator, type the command "ldp", then connect something.wherever.com/389, and connect something.wherever.com/636/SSL, do you succeed? Of course, replace those values with your real ones. Also, is the certificate Vault is using a valid identity for one of the CAs that's configured? Once the certificates are correctly configured and have a valid relationship with each other, that error will resolve.
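
The same two connection checks can be scripted, as an added example that is not part of the original reply: it probes port 389, then completes a TLS handshake on 636 and reports the certificate the directory server presents and whether it chains to a trusted CA. The function name `Test-LdapsCertificate` is hypothetical, the host is the placeholder used above, and the chain is evaluated against the trust store of the machine the script runs on.

```powershell
function Test-LdapsCertificate {
    param(
        [Parameter(Mandatory)] [string] $Server,   # placeholder host, e.g. something.wherever.com
        [int] $Port = 636
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($Server, $Port)
        # Accept whatever certificate is presented so the handshake completes and
        # the certificate can be inspected; trust is evaluated explicitly below.
        $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback] {
            param($sender, $certificate, $chain, $errors) $true
        }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAll)
        try {
            $ssl.AuthenticateAsClient($Server)
            $cert  = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
            $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
            $trusted = $chain.Build($cert)   # uses this machine's trusted root and intermediate stores
            # OID 2.5.29.17 is the Subject Alternative Name extension.
            $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
            [pscustomobject]@{
                Subject      = $cert.Subject
                Issuer       = $cert.Issuer
                NotBefore    = $cert.NotBefore
                NotAfter     = $cert.NotAfter
                SubjectAlt   = if ($san) { $san.Format($false) } else { '(none)' }
                ChainTrusted = $trusted
                ChainStatus  = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
            }
        }
        finally { $ssl.Dispose() }
    }
    finally { $client.Dispose() }
}

$server = 'something.wherever.com'   # placeholder, replace with your real host

# Plain LDAP reachability on 389.
Test-NetConnection -ComputerName $server -Port 389 |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded

# LDAPS on 636: which certificate is served, and does it chain to a trusted CA?
Test-LdapsCertificate -Server $server | Format-List
```

If `ChainTrusted` is `False`, `ChainStatus` names the reason (for example `UntrustedRoot` or `NotTimeValid`), and `SubjectAlt` shows whether the host name being connected to is actually covered by the certificate.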