Slow bind with SSL/TLS

[Randy-Butternubs]

Jellyfin version: 10.8.10 (official docker on debian host) Plugin version: 17 Directory: Microsoft Active Directory (Server 2019)

When attempting bind with SSL it takes about 15 seconds to bind and read the directory vs nearly instant when performing the same unencrypted over 389. This results in a much longer delay for the end user to log in, roughly 45 seconds at the login screen before entry. This behavior is the same with our without verification of the certificate, however I do see a partial chain error when verification is turned on (it still succeeds with the bind/lookup).

I've verified other containers on this docker host are able to perform a similar bind over SSL with no delay.

[voc0der]

Can confirm the same issue. I am using openldap, not AD though.

[voc0der]

from the openldap logs while jellyfin is trying to connect;

659c6xxx1 conn=1072 op=0 BIND dn="uid=netsamurai,ou=people,dc=xyz,dc=in" method=128
659c6xx1 conn=1072 op=0 BIND dn="uid=netsamurai,ou=people,dc=xyz,dc=in" mech=SIMPLE ssf=0

The 2nd line always happens, which sounds like the encryption is failing and falling back every time.

For now I use Skip SSL/TLS Certificate.