Details
-
Improvement
-
Resolution: Fixed
-
Critical
-
6.5.0
Description
Please add a command to support uploading client cert and key that ns_server will use for authentication on LDAP server. This should be a part of LDAP configuration.
Might look something like the following:
$ ./couchbase-cli setting-ldap --ldap-client-tls-cert ./cert.pem --ldap-client-tls-key ./pkey.key
|
API:
$ curl 'http://Administrator:password@127.0.0.1:8091/settings/ldap' -X POST --data-urlencode "clientTLSCert@/path/to/client/cert.pem" --data-urlencode "clientTLSKey@/path/to/client/key.pem"
|
Ns server changes are ready but not merged yet: http://review.couchbase.org/c/ns_server/+/122001
Please use those changes for tests.
Please see ns_server ticket for more details: MB-37718
Also please consider adding a warning (or confirmation?) if key is being uploaded via unencrypted channel.
Attachments
Issue Links
For Gerrit Dashboard: MB-38705 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
129731,2 | MB-38705 Add cert authentication to 'setting-ldap' | mad-hatter | couchbase-cli | Status: MERGED | +2 | +1 |
131645,1 | Merge branch 'mad-hatter' | master | couchbase-cli | Status: MERGED | +2 | +1 |