I’m using a Vagrant VM with Ubuntu 24.04 Noble to develop a project. I’m using Node 20.18.0 and NestJs 10.4.5.
In one of the routes, I’m trying to access a secure LDAP server using NodeJs’s ldapts module. This is how I’m doing it:
```js
const client = new Client({
  url: 'ldaps://<ldapip>',
  timeout: 0,
  connectTimeout: 0,
});
const bindDN = 'CN=Administrator,CN=Users,DC=myproject,DC=local';
const password = 'mypdw';
try {
  console.log('D1');
  let cert = fs.readFileSync('/vagrant/backend/certs/mycert.crt');
  console.log(cert.toString('base64'));
  await client.startTLS({
    ca: [cert],
  });
  console.log('D2');
  await client.bind(bindDN, password);
  console.log('D3');
  (...)
} catch (error) {
  return { status: 500, msg: 'LDAP fail', error }
} finally {
  await client.unbind();
}
```
When I run this code, D0, D1 and the certificate are printed correctly, but it doesn’t reach point D2. It fails with the following error:
{"code":"UNABLE_TO_VERIFY_LEAF_SIGNATURE"}}
I know for sure that the certificate is emitted by the AD’s CA. I’m using Chromium and the CA is correctly imported to it.
I also tried to create a file with both the user certificate and the CA’s certificate in it, and that didn’t work either.
What am I doing wrong? Do I have to import the CA or certificate in some system certificate database or something?