Details
-
Improvement
-
Resolution: Fixed
-
Critical
-
6.5.0
Description
Please add a command to support uploading client cert and key that ns_server will use for authentication on LDAP server. This should be a part of LDAP configuration.
Might look something like the following:
$ ./couchbase-cli setting-ldap --ldap-client-tls-cert ./cert.pem --ldap-client-tls-key ./pkey.key
|
API:
$ curl 'http://Administrator:password@127.0.0.1:8091/settings/ldap' -X POST --data-urlencode "clientTLSCert@/path/to/client/cert.pem" --data-urlencode "clientTLSKey@/path/to/client/key.pem"
|
Ns server changes are ready but not merged yet: http://review.couchbase.org/c/ns_server/+/122001
Please use those changes for tests.
Please see ns_server ticket for more details: MB-37718
Also please consider adding a warning (or confirmation?) if key is being uploaded via unencrypted channel.