LDAPS error in LDAPCache.pm

[Addy90]

Dear Proxmox Support,

when connecting to an LDAPS (no STARTTLS but direct TLS connection), I get the following error:
update LDAP profile failed: Unexpected EOF at /usr/share/perl5/PMG/LDAPCache.pm line 368. (500)

When I don't enter the port 636, it says (obviously):
update LDAP profile failed: Can't bind to ldap server 'ldap': Connection timed out (500)

So, I need to provide the port, but then I get the first error.
When I enter a bind user, I get the same first error just with line 366 instead of 368, so this is not the problem.

Moreover, I cannot give a hostname but only an IP-Address in the Server fields - this cannot be right, too... it is no big deal as the LDAP server has a static DHCP lease, but it is not great...

What else can I provide to solve this? We cannot use LDAP without direct TLS connection.
Thank you!

Addy90

 

[Ximix]

Same Error here.
Please help.

 

[alaint]

same error message for me to.
I suspect the certificate, but I did copy it to /etc/ssl/certs .. like I do with ldap PAM auth.

edit: Using port 389 without TLS did fix the problem for me.

 

[Addy90]

I am using a LetsEncrypt Certificate in my LDAP and because I validate user accounts against that LDAP, I only permit TLS or SSL binding, so connecting without encryption is not an option here, except local via ldapi:/// but these are two different machines.
What also is strange is that it is not possible to enter domain names in the host field, but only IP addresses. Maybe the certification is not valid because I cannot enter the domain it is bound to.

Couldn't you fix the LDAP connection maybe?
Thank you!