Hello all,
I'm trying to get Zabbix to work with our LDAPS system here, using Duo as a 2-Factor system. LDAP works fine but when I switch to LDAPS, I get errors that Zabbix is unable to bind. When I look in the Duo Auth Proxy log, I get:
The message I get in Zabbix is:
I'm not sure what I can do, it seems like Zabbix is sending a request for LDAPS bind with SSL2 or SSL3... Probably SSL2 since our Duo proxy is set to allow SSL3 minimum during testing. Is there somewhere where I can set the TLS protocol for LDAPS in a config?
I'm trying to get Zabbix to work with our LDAPS system here, using Duo as a 2-Factor system. LDAP works fine but when I switch to LDAPS, I get errors that Zabbix is unable to bind. When I look in the Duo Auth Proxy log, I get:
2021-10-25T10:24:32.103728-0400 [duoauthproxy.lib.log#info] The downstream application and the Authentication Proxy were not able to establish an SSL connection. It is possible this is because of a TLS protocol mismatch. Your configured minimum_tls_version is SSLv3. The negotiated TLS version is <Unknown>. The minimum_tls_version currently allowed MAY be higher than your application can support. Please look into setting the `minimum_tls_version` option in your [ldap_server_auto2] section if you need to use a lower version of the TLS Protocol. Error message: [('SSL routines', 'SSL23_GET_CLIENT_HELLO', 'unknown protocol')].
Cannot bind to LDAP server.