davidcoutadeur

Still some minor issues for docker alpine image. I have fixed these by myself, and added some documentation. I have also rebased and squashed your commits. The merge request will...

We could add a remark in the install section indeed. Thanks for the feedback

Could you try with this instead? ``` putenv('LDAPTLS_CIPHER_SUITE=NORMAL:!VERS-TLS1.2'); putenv('LDAPTLS_REQCERT=demand'); putenv('LDAPTLS_CACERT=/etc/ssl/certs/ca-certificates.crt'); ``` The aim is to understand if the problem is really the cipher suite.

Ok, so it does not seem to be a problem with self-service-password, but rather a TLS configuration. TLS configuration occurs in ldap library (usually /etc/ldap/ldap.conf or /etc/openldap/ldap.conf), so I don't...

Actually, you shouldn't need to use putenv in your configuration file. Configuring your ldap.conf should be sufficient. I reopen the issue to let you the opportunity to provide evidence that...

Ok, thanks for the feedback. So the documentation is accurate. The last step for you is to find a way to upgrade the TLS version of Active Directory to 1.2...

I think the documentation is quite exhaustive on this issue: https://self-service-password.readthedocs.io/en/stable/config_ldap.html#server-address We can't list all TLS configuration possibilities, as it it depends on many factors and configuring TLS ciphers is...

It makes sense to put it in ltb-common indeed.

It does not seem much work and could be interesting indeed. @cmaudoux did you start working on something you want to share?

For information, we are also working on a big hook refactoring/improvement: #219