I have recently set up Jitsi Meet with ldap2 auth as described on the wiki site for this topic. The authentication is working properly and the next step is using the option use_tls=true.
With the option enabled (secured LDAP via TLS) the connection is set up, but no response is received from the LDAP server. The tcpdump shows me that the LDAP server is presenting its certificate and requests a client certificate. Prosody sends a client certificate, but the information in my tcpdump about it is very sparse; the transmitted hex information is very small. So, I think this is not the right certificate. I have standard logging (I did not touch the default settings for logging), no issue is reported in my logs and I have no access to the LDAP server. So I am alone…
On https://git.zx2c4.com/lualdap/about/ I have found these values: certfile and keyfile for client-side certificates. I have studied ldap.lib.lua, mod_auth_ldap2.lua and prosody.cfg.lua, but I did not find a way to specify an ssl-tag with a certificate. So I have no idea how to provide the right client certificate (or maybe the mTLS certificate) in such a way that the ldap2 auth uses it.
The hard point is: the Jitsi Meet server has 2 interfaces.
1 interface for media/public
1 interface for management: ssh, ldap etc.
I have 2 certificates:
1 server certificate for Jitsi Meet and all services published to the public (Let's Encrypt) and
1 mTLS certificate (other CA) for the management interface.
Hopefully someone could advise me or at least could say that this feature is not supported.
Thank you a lot!