LDAP Authentication - does it support client certificates?

Discussion in 'Proxmox VE: Installation and configuration' started by victorhooi, Mar 14, 2019.

  1. victorhooi

    victorhooi Member

    Joined:
    Apr 3, 2018
    Messages:
    79
    Likes Received:
    2
    Hi,

    I'm attempting to setup Proxmox to authenticate against Google Secure LDAP.

    This uses a client certificate in order to authenticate - I have a separate keyfile and certificate file.

    Does Proxmox support using this to authenticate for LDAP?

    Thanks,
    Victor
     
  2. dcsapak

    dcsapak Proxmox Staff Member
    Staff Member

    Joined:
    Feb 1, 2016
    Messages:
    3,248
    Likes Received:
    292
    yes, this is rather sparsely documented but you can see in the api that you can set a client cert/key
    https://yourhost:8006/pve-docs/api-viewer/index.html -> /access/domains POST
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. victorhooi

    victorhooi Member

    Joined:
    Apr 3, 2018
    Messages:
    79
    Likes Received:
    2
    Aha, so you're saying I could do this via the API?

    [​IMG]

    The wiki article isn't very clear on how to setup authentication realms - it seems to imply you need to setup a /etc/pve/domains.cfg file. I'm searching, but the documentation on this is rather sparse - happy to contribute to the wiki article once I get this running myself.

    Also, I just saw from this other thread that you might need to create each LDAP user separately in Proxmox as well? Is that still the case for LDAP?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice