I have tried to add AD as an LDAP identity source in my VIO3 deployment and got an error when I selected SSL encryption (port 636).
When I switched the encryption to None, everything worked fine.
Initially I suspected that my AD had not enabled SSL for LDAP, but an LDAP browser could query my AD through port 636 without issue.
After drilling down into the Ansible script, I found that whenever the script runs the task "write the LDAP certificate to keystone", no output appears in the destination directory specified in the task. As a result, the next task, "copy the LDAP certificates to keystone and ca-certificates", which tries to copy the output of the previous task, fails the deployment.
Does anyone have any idea about this issue?
Did I miss anything before setting up the LDAP identity source in VIO?
Thanks.