Using an private certificate with LDAP / Active Directory

To add Your own Root CA to the node.js in dockmost - add this to docker-compose.yml:

environment:
  NODE_EXTRA_CA_CERTS: /etc/ssl/RootCA.crt
volumes:
  - /data/docmost/RootCA.crt:/etc/ssl/RootCA.crt

where /data/docmost/RootCA.crt must be accessible. You can check data in the container:

docker exec -it docmost-docmost-1 bash

40bfb1512022:/app$ ls -l /etc/ssl/
total 52
lrwxrwxrwx    1 root     root            25 Jul 15 10:42 cert.pem -> certs/ca-certificates.crt
drwxr-xr-x    2 root     root          4096 Jul 15 10:42 certs
-rw-r--r--    1 root     root           412 Jul  3 14:21 ct_log_list.cnf
-rw-r--r--    1 root     root           412 Jul  3 14:21 ct_log_list.cnf.dist
-rw-r--r--    1 root     root          1979 Sep 25 10:51 rootCA.crt
-rw-r--r--    1 root     root         12411 Jul  3 14:21 openssl.cnf
-rw-r--r--    1 root     root         12411 Jul  3 14:21 openssl.cnf.dist
drwxr-xr-x    2 root     root          4096 Jul 15 10:42 private
40bfb1512078:/app$

40bfb1512022:/app$ set | grep NODE
NODE_EXTRA_CA_CERTS=/etc/ssl/RootCA.crt
NODE_VERSION=22.19.0
40bfb1512022:/app$

if the /etc/ssl/rootCA.crt has become a directory within the container instead of a file, its because the source /data/docmost/RootCA.crt is not accessible at mount time

LDAP with Active Directory

UID and email must be set in the AD (UID is not per default)

Then use:

Information Technology > Docmost Tips and Tricks > Screenshot 2025-09-25 at 13.33.14.png

This is proplably because UID is normal for non-ad systems as unique identifier.