Using an private certificate with LDAP / Active Directory
To add Your own Root CA to the node.js in dockmost - add this to docker-compose.yml:
environment: NODE_EXTRA_CA_CERTS: /etc/ssl/RootCA.crt volumes: - /data/docmost/RootCA.crt:/etc/ssl/RootCA.crt
where /data/docmost/RootCA.crt must be accessible. You can check data in the container:
docker exec -it docmost-docmost-1 bash 40bfb1512022:/app$ ls -l /etc/ssl/ total 52 lrwxrwxrwx 1 root root 25 Jul 15 10:42 cert.pem -> certs/ca-certificates.crt drwxr-xr-x 2 root root 4096 Jul 15 10:42 certs -rw-r--r-- 1 root root 412 Jul 3 14:21 ct_log_list.cnf -rw-r--r-- 1 root root 412 Jul 3 14:21 ct_log_list.cnf.dist -rw-r--r-- 1 root root 1979 Sep 25 10:51 rootCA.crt -rw-r--r-- 1 root root 12411 Jul 3 14:21 openssl.cnf -rw-r--r-- 1 root root 12411 Jul 3 14:21 openssl.cnf.dist drwxr-xr-x 2 root root 4096 Jul 15 10:42 private 40bfb1512078:/app$ 40bfb1512022:/app$ set | grep NODE NODE_EXTRA_CA_CERTS=/etc/ssl/RootCA.crt NODE_VERSION=22.19.0 40bfb1512022:/app$
if the /etc/ssl/rootCA.crt has become a directory instead of a file, its because the source /data/docmost/RootCA.crt is not accessible at mount time
LDAP with Active Directory
UID and email must be set in the AD (UID is not per default)
Then use:
This is proplably because UID is normal for non-ad systems as unique identifier.