Simple LDAP proxy container

Apr 10, 2018

So, you have an LDAP server running happily on port 636, but one of your client applications doesn't seem to be happy with the SSL connection for whatever reason. You need an intermediary container that handles the SSL connection to the LDAP server on port 636 and presents it to the local application as plain LDAP on port 389.

First, we write a Dockerfile describing a container that runs an haproxy daemon.

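# Minimal Alpine image that only runs haproxy
FROM alpine:latest
RUN apk add --no-cache haproxy
COPY haproxy.cfg /etc/haproxy/haproxy.cfg
EXPOSE 389
# -db disables background mode so haproxy stays in the foreground as the container's main process
CMD ["/usr/sbin/haproxy", "-db", "-f", "/etc/haproxy/haproxy.cfg"]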

Now, we just need to provide the haproxy configuration:

frontend main
    bind *:389
    default_backend ldapserver

backend ldapserver
    server static ldap.yourdomain.com:636 ssl verify none

Now, build and run it to test it:

docker build -t ldap-proxy .
docker run -d --rm -p 389:389 ldap-proxy
ldapsearch -W -x -H ldap://localhost
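
With `verify none`, the proxy encrypts the upstream connection but accepts any certificate, so nothing authenticates the LDAP server that the bind credentials are forwarded to. The following is an added example, not part of the original post: the same proxy configuration with certificate and hostname verification turned on. The CA file path and the timeout values are assumptions.

```haproxy
# Added example: hardened variant of the haproxy.cfg above.
# Assumptions: /etc/haproxy/ldap-ca.pem is a hypothetical path holding the CA
# certificate that signed the LDAP server's certificate; it has to be added to
# the image with an extra COPY line in the Dockerfile. Timeouts are illustrative.

defaults
    mode tcp                  # LDAP is not HTTP; relay raw TCP
    timeout connect 5s        # give up on an unreachable LDAP server
    timeout client  1m        # drop idle client connections
    timeout server  1m        # drop idle upstream connections

frontend main
    bind *:389
    default_backend ldapserver

backend ldapserver
    # Before (from the page): encrypted, but the server is never authenticated.
    #   server static ldap.yourdomain.com:636 ssl verify none
    # After: validate the chain against the CA file and check that the
    # certificate was issued for the expected host name.
    server static ldap.yourdomain.com:636 ssl verify required ca-file /etc/haproxy/ldap-ca.pem verifyhost ldap.yourdomain.com
```

The listener on port 389 is still cleartext, so publishing it as `-p 127.0.0.1:389:389` in the `docker run` command keeps it reachable only from the Docker host rather than from every host interface.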