I have a local dev environment. Running on a Mac:
Flask + Python3.6 + ldap3 module
What I am doing is connecting to a standalone LDAP server over port 636. The server is not part of the local environment and is not in a container.
With my current environment - on localhost - the Flask app connects to the LDAP server… no problem.
Issue: I created a Docker container for Flask app. Now, when the same code executes from a container, I get:
LDAPSocketOpenError('socket ssl wrapping error: EOF occurred in violation of protocol (_ssl.c:777)
Now, I know the above error is related to a bad connection. So my question is… what am I missing in regards to connecting to a server over port 636 from a Docker container? In addition, if Docker for Mac recognizes the certs from the keychain, why doesn’t this work?
Below is my Dockerfile:
FROM alpine:latest
RUN apk add --update \
list of packages...
COPY /home/project/path /app
COPY /path/to/certs /etc/ssl
RUN update-ca-certificates
WORKDIR /app
ENV FLASK_APP=project.py
CMD ["flask", "run", "--host=0.0.0.0"]
FYI. I run the container in “-d” mode and then exec /bin/sh. From within the container I can run:
openssl s_client -connect ldap.server.address:636
And it works! I need some assistance: what am I missing about the Docker configuration? BTW, all of this is done on localhost.
1/23/2018
After working on this issue, the problem resides in some incompatibility issue between the alpine:latest image and ldap3 python module. Although the precise problem is not solved, changing the Docker image to alpine:3.4 works.
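An added diagnostic, not part of the original post: it performs the TCP connect and TLS wrap through Python's `ssl` module, which is what ldap3 uses, and reports which TLS library the interpreter is linked against, which is not necessarily the build behind the `openssl` command-line tool. The function names and the result layout are illustrative assumptions; only the standard library is used.

```python
import socket
import ssl
import sys


def tls_runtime():
    """Report the TLS library this interpreter is linked against."""
    paths = ssl.get_default_verify_paths()
    return {"library": ssl.OPENSSL_VERSION, "cafile": paths.cafile, "capath": paths.capath}


def probe_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Do the TCP connect and TLS wrap an LDAPS client performs; report where it stops."""
    result = {"host": host, "port": port, "stage": "tcp", "ok": False}
    # Default context verifies the certificate chain and the hostname.
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            result["stage"] = "tls"  # TCP is up; failures from here on are TLS-level
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                result.update(ok=True, stage="done",
                              protocol=tls.version(), cipher=tls.cipher()[0])
    except OSError as exc:
        # ssl.SSLError, timeouts, DNS failures and resets are all OSError subclasses.
        result["error"] = f"{type(exc).__name__}: {exc}"
    return result


if __name__ == "__main__":
    # Usage: python probe_ldaps.py <host> [port] [ca-bundle.pem]
    if len(sys.argv) < 2:
        sys.exit("usage: probe_ldaps.py <host> [port] [ca-bundle.pem]")
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 636
    cafile = sys.argv[3] if len(sys.argv) > 3 else None
    print(tls_runtime())
    print(probe_ldaps(sys.argv[1], port, cafile))
```

Run it both on the host and inside the container: a different `library` string, or a failure at stage `tls` only in the container, points at the image's TLS stack rather than the network path.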