Joplin server LDAP self-signed certificate

Features
1

I'm hosting joplin server and want to use the LDAP functionality. But my ldaps server uses a self-signed certificate for various unfortunate, inconvenient reasons.

Currently the self-signed certificate makes it impossible to use with joplin server (you get an error message saying Could not bind to the ldap server ldaps://...: self-signed certificate. I think based on the docs for ldapts that this could be supported by adding

tlsOptions: {
  ca: [ fs.readFileSync('server-cert.pem') ]
}

to the ldap client here.

Would this be something that a PR would be accepted for? Of course it would be an optional config, and if not provided would have the existing behavior.

2

Yes a PR would be accepted

2 Likes
3

Is this feature already supported? I have set the 'LDAP_1_TLS_CA_FILE' variable, but when I try to log in, I get the error message: 'Could not bind to the ldap server ldaps://dc01.example.com: self-signed certificate in certificate chain.'

4

@ares welcome to the forum.

image
image652×230 24.4 KB

I am not that familiar with GitHub but if I understand the above comment it appears that the modification was made in December 2024. However there has not been a release of Joplin Server since July 2024 (v3.0.1). No idea when Joplin Server is next due for a release to be published.

5

@dpoulton, thank you for the welcome and your response. I’m using Joplin in a Docker container, so I assume that feature hasn’t been included yet.

6

At this time the most recent published Joplin Server version (source code and docker image) is v3.0.1.

Joplin Server Changelog