mirror of
https://github.com/moepman/bk-dss
synced 2024-12-22 08:04:27 +01:00
Add support for custom CA certificates.
This commit is contained in:
parent
8667f788f1
commit
6297785546
@ -2,6 +2,7 @@ DEBUG = True
|
||||
SECRET_KEY = "CHANGE!ME"
|
||||
SESSION_TIMEOUT = 3600
|
||||
|
||||
LDAP_CA = "/etc/ldap/ssl/CA.crt"
|
||||
LDAP_URI = "ldaps://ldap.example.com"
|
||||
LDAP_BASE = "dc=example,dc=com"
|
||||
|
||||
|
5
index.py
5
index.py
@ -18,6 +18,11 @@ app.jinja_env.lstrip_blocks = True
|
||||
|
||||
rdb = Redis(host=app.config.get('REDIS_HOST', '127.0.0.1'), password=app.config.get('REDIS_PSWD'))
|
||||
|
||||
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
|
||||
ldap.set_option(ldap.OPT_REFERRALS, 0)
|
||||
if 'LDAP_CA' in app.config.keys():
|
||||
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, app.config.get('LDAP_CA'))
|
||||
|
||||
|
||||
class ReadOnlyField(StringField):
|
||||
def __call__(self, *args, **kwargs):
|
||||
|
Loading…
Reference in New Issue
Block a user