File tree Expand file tree Collapse file tree 3 files changed +13
-0
lines changed
Expand file tree Collapse file tree 3 files changed +13
-0
lines changed Original file line number Diff line number Diff line change @@ -77,6 +77,8 @@ LDAP_GROUP_ATTRIBUTE="memberOf"
7777# Would you like to remove users from roles on BookStack if they do not match on LDAP
7878# If false, the ldap groups-roles sync will only add users to roles
7979LDAP_REMOVE_FROM_GROUPS = false
80+ # Set this option to disable LDAPS Certificate Verification
81+ LDAP_TLS_INSECURE = false
8082
8183# Mail settings
8284MAIL_DRIVER = smtp
Original file line number Diff line number Diff line change @@ -170,6 +170,16 @@ protected function getConnection()
170170 }
171171 $ hostName$ ldapServer0 ] . ($ hasProtocol': ' :'' ) . $ ldapServer1 ];
172172 $ defaultPort$ ldapServer0 ] === 'ldaps ' ? 636 : 389 ;
173+
174+ /*
175+ * Check if TLS_INSECURE is set. The handle is set to NULL due to the nature of
176+ * the LDAP_OPT_X_TLS_REQUIRE_CERT option. It can only be set globally and not
177+ * per handle.
178+ */
179+ if ($ this config ['tls_insecure ' ]) {
180+ $ this ldap ->setOption (NULL , LDAP_OPT_X_TLS_REQUIRE_CERT , LDAP_OPT_X_TLS_NEVER );
181+ }
182+
173183 $ ldapConnection$ this ldap ->connect ($ hostNamecount ($ ldapServer2 ? intval ($ ldapServer2 ]) : $ defaultPort
174184
175185 if ($ ldapConnectionfalse ) {
Original file line number Diff line number Diff line change 149149 'user_to_groups ' => env ('LDAP_USER_TO_GROUPS ' ,false ),
150150 'group_attribute ' => env ('LDAP_GROUP_ATTRIBUTE ' , 'memberOf ' ),
151151 'remove_from_groups ' => env ('LDAP_REMOVE_FROM_GROUPS ' ,false ),
152+ 'tls_insecure ' => env ('LDAP_TLS_INSECURE ' , false ),
152153 ]
153154
154155];
You can’t perform that action at this time.
0 commit comments