node-activedirectory

Cert is empty error

Open tomalex0 opened this issue 8 years ago • 3 comments

At times while connecting to LDAP we are getting the below error, but not always. "reason": "Cert is empty",

Can somebody help me identify the actual cause?

tomalex0 avatar Apr 06 '17 19:04 tomalex0

Further error trace

{ Error: Hostname/IP doesn't match certificate's altnames: "Cert is empty"
    at Object.checkServerIdentity (tls.js:199:17)
    at TLSSocket.<anonymous> (_tls_wrap.js:1091:29)
    at emitNone (events.js:86:13)
    at TLSSocket.emit (events.js:185:7)
    at TLSSocket._finishInit (_tls_wrap.js:603:8)
    at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:433:38)

tomalex0 avatar Apr 06 '17 21:04 tomalex0

I used this tool to test out the same flow and it was working fine: http://www.computerperformance.co.uk/w2k3/utilities/ldp.htm#Free

tomalex0 avatar Apr 06 '17 22:04 tomalex0

I think this is seen when the cert lacks a subject name (i.e. it only has SubjectAltName). This is perfectly valid as far as I am aware; however, it trips up something in this node-tls-ldapjs-activedirectory stack. Looking into it (as a user, not a dev).

EDIT: this is a Node bug. https://github.com/nodejs/node/issues/11771

Similar libraries to this are working around it themselves: https://github.com/auth0/ad-ldap-connector/pull/94/commits/1f4dd2be6ed93dda591dd31ed5483a9b452a8d2a

akdor1154 avatar May 15 '17 00:05 akdor1154
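
An added example (not from this thread, node-activedirectory, or the linked workaround) of a name check that accepts a certificate with an empty subject by matching the host against its SubjectAltName DNS entries, instead of turning verification off. The helper names and the sample certificate object are hypothetical; the certificate fields are the `subject` and `subjectaltname` properties that Node passes to `checkServerIdentity`.

```javascript
const tls = require('tls');
const net = require('net');

// Pull DNS entries out of getPeerCertificate().subjectaltname,
// e.g. "DNS:dc01.corp.example, IP Address:10.0.0.5".
function dnsAltNames(cert) {
  const san = (cert && cert.subjectaltname) || '';
  // Newer Node releases quote entries holding unusual characters;
  // fail closed rather than try to parse them here.
  if (san.includes('"')) return [];
  return san.split(', ')
    .filter((entry) => entry.startsWith('DNS:'))
    .map((entry) => entry.slice(4).toLowerCase());
}

// Exact match, or "*" as the entire leftmost label standing for one label.
function matchesName(host, pattern) {
  if (pattern === host) return true;
  if (!pattern.startsWith('*.') || pattern.split('.').length < 3) return false;
  const dot = host.indexOf('.');
  return dot > 0 && host.slice(dot) === pattern.slice(1);
}

// Hypothetical helper with the signature of the tls `checkServerIdentity`
// option: returns undefined on success, an Error on mismatch.
function checkIdentityAllowingEmptySubject(host, cert) {
  const hasSubject = Boolean(cert && cert.subject &&
    Object.keys(cert.subject).length > 0);
  // Ordinary certificates and IP targets keep Node's own check.
  if (hasSubject || net.isIP(host)) return tls.checkServerIdentity(host, cert);
  const name = String(host).toLowerCase().replace(/\.$/, '');
  const names = dnsAltNames(cert);
  if (names.some((pattern) => matchesName(name, pattern))) return undefined;
  const err = new Error(
    `Host ${host} is not in the cert's DNS altnames: ${names.join(', ') || '(none)'}`);
  err.reason = 'SAN mismatch on certificate with empty subject';
  err.host = host;
  err.cert = cert;
  return err;
}

// Constructed sample: a peer certificate object with no subject, one SAN.
const sanOnlyCert = { subject: undefined, subjectaltname: 'DNS:dc01.corp.example' };
```

Pass the function as `checkServerIdentity` in the options given to `tls.connect`; chain validation (`rejectUnauthorized`) stays enabled and only the name check is replaced.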