Hi everyone, I am trying to implement LDAPS authentication for my Elastic cluster deployed on GKE, which has Istio with strict mTLS set up.
The configuration works fine when I test from Docker running on my laptop, but the same doesn't work when I try this from Elastic on GKE.
I am getting the error message below. Any help is appreciated.
Authentication to realm ldap1 failed - authenticate failed (Caused by LDAPException(resultCode=91 (connect error), errorMessage='An error occurred while attempting to connect to server <>:<>: IOException(LDAPException(resultCode=91 (connect error), errorMessage='Unable to verify an attempt to establish a secure connection to '<>"<>' because an unexpected error was encountered during validation processing: SSLPeerUnverifiedException(peer not authenticated), ldapSDKVersion=6.0.3, revision=<>'))'))
elasticsearch:
  secureSettings:
    - secretName: elasticsearch-ldap-secret
      entries:
        - key: xpack.security.authc.realms.ldap.ldap1.secure_bind_password
xpack.security.authc.realms:
  ldap:
    ldap1:
      order: 2
      enabled: true
      url: "ldaps:<>:<>"
      ssl:
        certificate_authorities: /usr/share/elasticsearch/config/ldap-cert.pem
      bind_dn: "uid=<>,ou=<>,dc=<>,dc=<>"
      user_search:
        base_dn: "ou=<>,dc=<>,dc=<>"
        filter: "(uid={0})"
      user_group_attribute: "isMemberOf"
      unmapped_groups_as_roles: false

spec:
  volumes:
    - name: ldap-cert
      secret:
        secretName: elasticsearch-ldap-cert-secret