Resolving issues with LDAPS and SimpleRisk Custom Authentication
This brief FAQ aims to address a commonly overlooked detail when setting up LDAPS with SimpleRisk. It assumes that you already have LDAP configured and operational, and you are looking to switch from port 389 to 636 to establish a secure SSL connection. This guide is particularly relevant for users utilizing self-signed certificates on their LDAP server, though it may also be applicable in other scenarios where adjustments are necessary.
To modify the LDAP configuration on the SimpleRisk server, begin by opening the file "/etc/ldap.conf" using your preferred text editor. For this example, I will use `vi`. You can open the file by entering the following command:
vi /etc/ldap.conf
Inside this file, you may find that the parameter you need is already defined. If it is present, simply update its value. If it is not there, add the following line to the file:
TLS_REQCERT never
After making the necessary changes, save the file by pressing `Esc`, then typing `:wq`, and hitting `Enter` to write the changes and exit `vi`.
Once you have saved the changes, restart the Apache service to apply them. Use the following command depending on your operating system:
systemctl restart apache2 # For Ubuntu
systemctl restart httpd # For Centos/RHEL
At this point the issue should now be resolved. If for any reason you are having continued issues getting LDAPS working please contact us at support@simplerisk.com.