ldap2pg with docker compose and ldaps #703

Open

fguiet opened this issue Feb 11, 2025 · 0 comments

fguiet commented Feb 11, 2025

I am trying to use ldap2pg with Docker Compose and LDAPS.

Here is the error I am facing:

```
ldap2pg-1  | time=2025-02-11T15:51:19.532Z level=DEBUG msg="LDAP dial." uri=ldaps://xxx.xxx.com:636 try=1
ldap2pg-1  | time=2025-02-11T15:51:19.563Z level=DEBUG msg=Retrying. err="LDAP Result Code 200 \"Network Error\": remote error: tls: handshake failure" attempt=0
```

Here is the docker compose file I am using:

```yaml
services:
  ldap2pg:
    image: dalibo/ldap2pg
    environment:
      - PGHOST=postgres-5432
      - PGUSER=postgres
      - PGDATABASE=postgres
      - LDAPURI=ldaps://xxx.xxx.com:636
      - LDAPBINDDN=cn=xxxx,ou=service,ou=utilisateurs,dc=ldap-ext-xxx,dc=fr
      - LDAPPASSWORD=xxxx
      - PGPASSWORD=test
      - LDAP2PG_VERBOSITY=DEBUG
      - LDAPTLS_REQCERT=never
      - TLS_REQCERT=never
    volumes:
      - ./config:/workspace
    networks:
      - 5432_postgres-5432-network

networks:
  5432_postgres-5432-network:
    external: true
```

It is important to note that PostgreSQL is running in a Docker container with this pg_hba.conf without any issue:

```
host   all all 172.17.1.238/32  ldap ldapserver="xxx.xxx.com" ldapscheme="ldaps" ldapport="636" ldapbinddn="cn=xxxx,ou=service,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" ldapbindpasswd="xxxx" ldapbasedn="ou=xxxx,ou=xxxx,ou=utilisateurs,dc=ldap-ext-xxxx,dc=fr" ldapsearchattribute="gecos"
```

I only needed to add the following to the environment section of my docker compose YAML file:

```
LDAPTLS_REQCERT="never"
```

Last but not least, if I don't use LDAPS (i.e. plain LDAP) it works like a charm; see the log below:

```
ldap2pg-1  | time=2025-02-11T16:03:22.258Z level=INFO msg="Connected to LDAP directory." uri=ldap://xxx.xxx.com
ldap2pg-1  | time=2025-02-11T16:03:22.258Z level=INFO msg="Setup static roles and grants."
```
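Added example, not part of the issue and not ldap2pg's or go-ldap's own code: a small Go probe (Go being the language ldap2pg 6 and its go-ldap client are written in) that separates the two ways an LDAPS dial can fail. A `remote error: tls: ...` message, as in the log above, is a TLS alert the server sent, which is what a TLS version, cipher-suite or client-certificate policy mismatch produces; an `x509: ...` message is the client refusing the server's certificate, and that is the only case `LDAPTLS_REQCERT=never` relaxes. The real LDAPS host is replaced by a constructed local TLS 1.2 listener with a self-signed certificate; the function names, the placeholder name `ldap.example.test` and the cipher suites chosen to force a mismatch are all assumptions made for the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"strings"
	"time"
)

// Verdict says which side gave up on the handshake; each needs a different fix.
type Verdict string

const (
	VerdictOK             Verdict = "handshake completed"
	VerdictServerRejected Verdict = "server sent a TLS alert (version, cipher suite or client-cert policy); LDAPTLS_REQCERT cannot help"
	VerdictUntrustedCert  Verdict = "client rejected the server certificate; fix trust instead of disabling checks"
	VerdictOther          Verdict = "network or other error"
)

// Classify maps a dial error to a Verdict by its text. go-ldap wraps the cause as
// `LDAP Result Code 200 "Network Error": <cause>`, which the substring tests tolerate.
func Classify(err error) Verdict {
	switch {
	case err == nil:
		return VerdictOK
	case strings.Contains(err.Error(), "x509: "): // client-side verification failure
		return VerdictUntrustedCert
	case strings.Contains(err.Error(), "remote error: tls:"): // alert sent by the server
		return VerdictServerRejected
	}
	return VerdictOther
}

// ClientConfig pins TLS 1.2 because Go honours CipherSuites only below TLS 1.3;
// skipVerify mimics what LDAPTLS_REQCERT=never does in an OpenLDAP-based client.
func ClientConfig(suites []uint16, skipVerify bool) *tls.Config {
	return &tls.Config{MaxVersion: tls.VersionTLS12, CipherSuites: suites, InsecureSkipVerify: skipVerify}
}

// Probe dials addr (host:port) with cfg and classifies the outcome.
func Probe(addr string, cfg *tls.Config) (Verdict, error) {
	conn, err := tls.DialWithDialer(&net.Dialer{Timeout: 5 * time.Second}, "tcp", addr, cfg)
	if err != nil {
		return Classify(err), err
	}
	conn.Close()
	return VerdictOK, nil
}

// must aborts on fixture setup errors; it is only used by the constructed stand-in server.
func must(err error) {
	if err != nil {
		panic(err)
	}
}

// StartStandInServer is a constructed stand-in for the LDAPS host: a TLS listener on
// 127.0.0.1 with a self-signed ECDSA certificate that accepts only the given cipher suites.
func StartStandInServer(suites []uint16) (string, func()) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "ldap.example.test"}, // placeholder name
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		IPAddresses:  []net.IP{net.ParseIP("127.0.0.1")},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	must(err)
	srv := &tls.Config{
		Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}},
		CipherSuites: suites,
	}
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	must(err)
	go func() { // serve handshakes until stop() closes the listener
		for c, err := ln.Accept(); err == nil; c, err = ln.Accept() {
			go func(c net.Conn) { tc := tls.Server(c, srv); tc.Handshake(); tc.Close() }(c)
		}
	}()
	return ln.Addr().String(), func() { ln.Close() }
}

func main() {
	addr, stop := StartStandInServer([]uint16{tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305})
	defer stop()
	v, err := Probe(addr, ClientConfig([]uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384}, true))
	fmt.Println("cipher mismatch:", v, err)
	v, err = Probe(addr, ClientConfig(nil, false))
	fmt.Println("untrusted cert: ", v, err)
	v, err = Probe(addr, ClientConfig(nil, true))
	fmt.Println("REQCERT=never:  ", v, err)
}
```

The first probe reproduces the shape of the error in the issue: the client offers a suite the server does not accept, the server answers with a handshake_failure alert, and the client reports `remote error: tls: handshake failure` even though it skips certificate verification. The second probe is the case `LDAPTLS_REQCERT=never` is meant for (a certificate the client cannot chain to a trusted CA), and the third shows that skipping verification only changes that second case. When a server-side alert is the verdict, the thing to compare is what the server offers (TLS versions, cipher suites, whether it demands a client certificate) against what the Go client sends; a PostgreSQL `pg_hba.conf` LDAP check succeeding from the same host says only that PostgreSQL's OpenLDAP-based client and the server agree, not that a Go client will.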