After doing a database migration to enable redacted secrets in logs
audit_config {
audit_filter_overrides {
sensitive = ""
secret = "redact"
}
}
Our LDAP authentication method now errors with Authentication Failed.
Looking at the logs we can see our obfuscation of secrets are enabled but now have TLS handshake error
"error": "ldap.Authenticate: ldap.(Repository).Authenticate: authenticate failed: unknown: error #0: ldap.(Client).Authenticate: failed to connect: 1 error occurred:\n\t* ldap.(Client).connect: error connecting to host \"ldaps://<removed>.com:3269\": LDAP Result Code 200 \"Network Error\": remote error: tls: handshake failure\n\n",
There has been no issues prior to this single change.
Trying to delete and reenable this LDAP auth method gives this error in Terraform
Error: error creating auth method:
{"kind":"InvalidArgument", "message":"Invalid request. Request attempted to make second resource with the same field value that must be unique."}
Trying with a different name for name agrument for the boundary_auth_method_ldap resource did not resolve.
But the above error can be resolved by manually creating a new LDAP auth method and importing into Terraform. But we are still getting the TLS handshake error.
The configurations for this LDAP authentication method are exactly the same (connection url, certs, authenticated search options, etc) in our other environments.
