Monday, 8 May 2017

Implement LDAPS using node-ldapjs

I have LDAP connections working perfectly with node-ldapjs (ldapjs.org). I am trying to implement LDAPS connections with node-ldapjs. The setup/configuration I am using is equivalent to the solution which was described as being successful by another individual and was posted here - https://github.com/mcavage/node-ldapjs/issues/307 . My code is shown below. When I execute the code below, I get the following message - { [Error: unable to get local issuer certificate] code: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY' }. Can anyone help me to determine (1) what is the root cause of the error message above and (2) how can I resolve this issue ?

Here is my code:

var fs = require('fs');
var tls = require('tls');
var ldap = require('ldapjs');

var tlsOptions = {
host: 'FQDN',
cert: fs.readFileSync('mycert.pem'),
ca: fs.readFileSync('my-root-CA.cer',
rejectUnauthorized: true
};

var server = tls.connect(636,tlsOptions,function() {
console.log('tls connect');
console.log('client connected', server.authorized ? 'authorized' : 'unauthorized');
process.stdin.resume();
process.stdin.pipe(server);

    if ( server.authorized )
    {
            var client = ldap.createClient({url: 'ldaps://domainControllerIP:636',tlsOptions:tlsOptions});
            client.bind(username, password, function (err) {
            cb(err === null, err);
            });
//Perform LDAP search operation
var opts = {
filter: '(&(objectclass=organizationalRole))',
scope: 'sub',
attributes: ['cn'] };

            client.search('dc=domain,dc=local', opts, function(err, res) {
            res.on('searchEntry', function(entry) {
                          console.log('entry: ' + JSON.stringify(entry.object));
            });
            res.on('searchReference', function(referral) {
                          console.log('referral: ' + referral.uris.join());
            });
            res.on('error', function(err) {
                         console.error('error: ' + err.message);
            });
            res.on('end', function(result) {
                        console.log('status: ' + result.status);
            });
       });
  }
});
server.setEncoding('utf8');
server.on('data',function(data){
console.log('data section: ',data);
});

server.on('secureConnect',function(data){
console.log('secure connect section: ',data);
});

server.on('error', function(error) {
console.log('client closing...',error);
});


via TinMan
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)