mirror of
https://github.com/vimagick/dockerfiles.git
synced 2024-11-21 17:56:53 +02:00
.. | ||
docker-compose.yml | ||
nginx.conf | ||
README.md |
OpenLDAP
OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol.
Directory Tree
├── data
│ ├── certs
│ │ ├── ca.crt
│ │ ├── ca.key
│ │ ├── ca.srl
│ │ ├── ldap.crt
│ │ ├── ldap.csr
│ │ └── ldap.key
│ ├── conf (auto generated)
│ │ ├── cn=config
│ │ ├── cn=config.ldif
│ │ └── docker-openldap-was-started-with-tls
│ └── data (auto generated)
│ ├── data.mdb
│ └── lock.mdb
└── docker-compose.yml
Create Keys and Certificates
openssl req \
-x509 -nodes -days 3650 -sha256 \
-subj '/C=US/ST=Oregon/L=Portland/CN=easypi.duckdns.org' \
-newkey rsa:2048 -keyout ca.key -out ca.crt
openssl req \
-new -sha256 -newkey rsa:2048 -nodes \
-subj '/CN=ldap.easypi.duckdns.org/O=EasyPi/C=US/ST=Oregon/L=Portland' \
-keyout ldap.key -out ldap.csr
openssl x509 \
-req -days 3650 -sha256 \
-in ldap.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
-out ldap.crt
Test the STARTTLS & SSL connections
$ docker-compose exec openldap bash
>>> ldapwhoami -H ldap://ldap.easypi.duckdns.org -x -ZZ
anonymous
>>> ldapwhoami -H ldaps://ldap.easypi.duckdns.org -x -D cn=admin,dc=ldap,dc=easypi,dc=duckdns,dc=org -w admin
dn:cn=admin,dc=ldap,dc=easypi,dc=duckdns,dc=org
>>> ldapsearch -H ldaps://ldap.easypi.duckdns.org -b dc=ldap,dc=easypi,dc=duckdns,dc=org -D cn=admin,dc=ldap,dc=easypi,dc=duckdns,dc=org -w admin
...