On Mon, Feb 22, 2016 at 11:54:01AM -0800, Nunya DamnedBizniss wrote:
> As the subject says, I'm attempting to use SSL Terminated HAProxy to load
> balance LDAP queries against Active Directory DCs. Because this LDAP is
> not HTTP, I've chosen to use TCP Mode. Unfortunately, I have been unable
> to create a working configuration for this. All queries return
>
> ldap_initialize( ldaps://ldap.company.com:636/??base )
> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
>
> Is SSL Termination supported in TCP Mode? For information regarding the
> haproxy.cfg, please see
>
> https://www.reddit.com/r/sysadmin/comments/46c1im/issue_configuring_haproxy_frontend_to_active/

I know I'm tired and not seeing well, but I can't find the "ssl" keyword on
your "server" lines, there's check-ssl only. So you decrypt ssl on the
frontend and send it decrypted to port 636 on your servers.

Willy
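
The mismatch described in the reply above, shown as an added configuration example that is not part of the original thread and is not the poster's haproxy.cfg. Section names, server names, addresses and file paths are assumed placeholders; only the keywords (ssl, check-ssl, verify, ca-file) are HAProxy's own.

```haproxy
# Constructed example: all names, addresses and paths are placeholders.

frontend ldaps_in
    mode tcp
    # TLS is terminated here; the client speaks LDAPS to HAProxy.
    bind :636 ssl crt /etc/haproxy/certs/ldap.company.com.pem
    default_backend ad_dcs_reencrypt

# Pattern from the reply, kept for comparison: check-ssl encrypts only the
# health checks, so the servers show as UP while client traffic is forwarded
# decrypted to port 636, where the DC expects a TLS handshake.
backend ad_dcs_checks_only
    mode tcp
    server dc1 192.0.2.11:636 check check-ssl verify none
    server dc2 192.0.2.12:636 check check-ssl verify none

# Re-encrypting variant: "ssl" on the server line applies TLS to the
# forwarded traffic (health checks then use TLS too), and "verify required"
# with a ca-file validates the DC certificate chain instead of accepting
# any certificate.
backend ad_dcs_reencrypt
    mode tcp
    server dc1 192.0.2.11:636 ssl verify required ca-file /etc/haproxy/ca/ad-root.pem check
    server dc2 192.0.2.12:636 ssl verify required ca-file /etc/haproxy/ca/ad-root.pem check
```

Forwarding the decrypted stream to port 389 instead would also connect, but simple-bind credentials would then cross the backend network in cleartext.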