Details
-
Task
-
Resolution: Fixed
-
Major
-
None
-
Mad Hatter
-
None
Description
The LDAP settings allow providing a certificate. The documentation does not explain, however, what certificate needs to be provided and what it is its purpose.
According to recent discussion, the purpose of the certificate is to validate the identity of the LDAP server. The cluster certificate can be used for that purpose only if it was signed by the same CA authority as the LDAP server (needs to be confirmed).
It can also be noted that Couchbase provides no possibility to supply a client certificate for the TLS connection to the LDAP server, so it works only when client certificate verification on the LDAP server is turned off.