Error 80 during startup with TLS configuration

[christiansicari]

Name and Version

bitnami/openldap

What steps will reproduce the bug?

I am currently using the following compose

# for certs https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/#becoming-certificate-authority
version: '2'

services:
  openldap:
    image: bitnami/openldap:2.5.6
    ports:
      - '1389:1389'
      - '1636:1636'
    environment:
      - LDAP_ADMIN_USERNAME=admin
      - LDAP_ADMIN_PASSWORD=adminpassword
      - LDAP_USERS=user01,user02
      - LDAP_PASSWORDS=password1,password2
      - LDAP_ENABLE_TLS=yes
      - BITNAMI_DEBUG=true
      - LDAP_TLS_CERT_FILE=/opt/bitnami/openldap/certs/openldap.crt
      - LDAP_TLS_KEY_FILE=/opt/bitnami/openldap/certs/openldap.key
      - LDAP_TLS_CA_FILE=/opt/bitnami/openldap/certs/openldapCA.crt
    volumes:
      - /home/ubuntu/ldap/certs/myCA.pem:/opt/bitnami/openldap/certs/openldapCA.crt
      - /home/ubuntu/ldap/certs/ldap.key:/opt/bitnami/openldap/certs/openldap.key
      - /home/ubuntu/ldap/certs/ldap.crt:/opt/bitnami/openldap/certs/openldap.crt
      #- $PWD/openldap:/bitnami/openldap

For generating the certificates I used this guide https://deliciousbrains.com/ssl-certificate-authority-for-local-https-development/

What do you see instead?

At the bootstrap I get this error:

$ docker-compose logs -f
Attaching to ldap_openldap_1
openldap_1  |  16:07:08.03 INFO  ==> ** Starting LDAP setup **
openldap_1  |  16:07:08.06 INFO  ==> Validating settings in LDAP_* env vars
openldap_1  |  16:07:08.07 INFO  ==> Initializing OpenLDAP...
openldap_1  |  16:07:08.07 DEBUG ==> Ensuring expected directories/files exist...
openldap_1  |  16:07:08.08 INFO  ==> Creating LDAP online configuration
openldap_1  |  16:07:08.11 INFO  ==> Starting OpenLDAP server in background
openldap_1  |  16:07:08.16 INFO  ==> Configure LDAP credentials for admin user
openldap_1  | SASL/EXTERNAL authentication started
openldap_1  | SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth
openldap_1  | SASL SSF: 0
openldap_1  | modifying entry "olcDatabase={2}mdb,cn=config"
openldap_1  | 
openldap_1  | modifying entry "olcDatabase={2}mdb,cn=config"
openldap_1  | 
openldap_1  | modifying entry "olcDatabase={2}mdb,cn=config"
openldap_1  | 
openldap_1  | modifying entry "olcDatabase={1}monitor,cn=config"
openldap_1  | 
openldap_1  |  16:07:08.18 INFO  ==> Configuring TLS
openldap_1  | SASL/EXTERNAL authentication started
openldap_1  | SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth
openldap_1  | SASL SSF: 0
openldap_1  | ldap_modify: Other (e.g., implementation specific) error (80)
openldap_1  | modifying entry "cn=config"
openldap_1  | 
ldap_openldap_1 exited with code 80

If I restart the compose logs get stuck on

Attaching to ldap_openldap_1
openldap_1  |  16:07:08.03 INFO  ==> ** Starting LDAP setup **
openldap_1  |  16:07:08.06 INFO  ==> Validating settings in LDAP_* env vars
openldap_1  |  16:07:08.07 INFO  ==> Initializing OpenLDAP...
openldap_1  |  16:07:08.07 DEBUG ==> Ensuring expected directories/files exist...
openldap_1  |  16:07:08.08 INFO  ==> Creating LDAP online configuration
openldap_1  |  16:07:08.11 INFO  ==> Starting OpenLDAP server in background
openldap_1  |  16:07:08.16 INFO  ==> Configure LDAP credentials for admin user
openldap_1  | SASL/EXTERNAL authentication started
openldap_1  | SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth
openldap_1  | SASL SSF: 0
openldap_1  | modifying entry "olcDatabase={2}mdb,cn=config"
openldap_1  | 
openldap_1  | modifying entry "olcDatabase={2}mdb,cn=config"
openldap_1  | 
openldap_1  | modifying entry "olcDatabase={2}mdb,cn=config"
openldap_1  | 
openldap_1  | modifying entry "olcDatabase={1}monitor,cn=config"
openldap_1  | 
openldap_1  |  16:07:08.18 INFO  ==> Configuring TLS
openldap_1  | SASL/EXTERNAL authentication started
openldap_1  | SASL username: gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth
openldap_1  | SASL SSF: 0
openldap_1  | ldap_modify: Other (e.g., implementation specific) error (80)
openldap_1  | modifying entry "cn=config"
openldap_1  | 
openldap_1  |  16:07:21.95 INFO  ==> ** Starting LDAP setup **
openldap_1  |  16:07:21.99 INFO  ==> Validating settings in LDAP_* env vars
openldap_1  |  16:07:22.00 INFO  ==> Initializing OpenLDAP...
openldap_1  |  16:07:22.00 DEBUG ==> Ensuring expected directories/files exist...
openldap_1  |  16:07:22.01 INFO  ==> Using persisted data
openldap_1  | 
openldap_1  |  16:07:22.01 INFO  ==> ** LDAP setup finished! **
openldap_1  |  16:07:22.06 INFO  ==> ** Starting slapd **
openldap_1  | 62e7fa3a.03f3b937 0x7fa14f542080 @(#) $OpenLDAP: slapd 2.5.6 (Jul 28 2021 00:10:53) $
openldap_1  | 	@94dd05a7ed4b:/bitnami/blacksmith-sandox/openldap-2.5.6/servers/slapd
openldap_1  | 62e7fa3a.059fba3b 0x7fa14f542080 slapd starting

[carrodher]

It seems it is not an issue related to the Bitnami openldap container image or Helm chart but about how the application or environment is being used/configured.

For information regarding the application itself, customization of the content within the application, or questions about the use of technology or infrastructure; we highly recommend checking forums and user guides made available by the project behind the application or the technology.

That said, we will keep this ticket open until the stale bot closes it just in case someone from the community adds some valuable info.

[github-actions[bot]]

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

[github-actions[bot]]

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.