add wsdc intermediate cert
This commit is contained in:
Nathan Coad
70
main.go
70
main.go
@@ -1,12 +1,70 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"crypto/x509"
|
||||
"flag"
|
||||
"fmt"
|
||||
|
||||
auth "github.com/korylprince/go-ad-auth/v3"
|
||||
)
|
||||
|
||||
|
||||
const WSDCCertPem := `
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIJZzCCCE+gAwIBAgIKYQTouAAAAAAABzANBgkqhkiG9w0BAQsFADCBpzELMAkG
|
||||
A1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MSQwIgYDVQQK
|
||||
ExtXZXN0cGFjIEJhbmtpbmcgQ29ycG9yYXRpb24xLzAtBgNVBAsTJkRpZ2l0YWwg
|
||||
Q2VydGlmaWNhdGVzIFNlY3VyaXR5IFNlcnZpY2VzMSIwIAYDVQQDExlXZXN0cGFj
|
||||
IFNIQTIgUm9vdCBDQSBXU0RDMB4XDTE1MTIwNDEyMjE1OFoXDTI1MTIwNDEyMzE1
|
||||
OFowgaYxCzAJBgNVBAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5l
|
||||
eTEkMCIGA1UEChMbV2VzdHBhYyBCYW5raW5nIENvcnBvcmF0aW9uMS8wLQYDVQQL
|
||||
EyZEaWdpdGFsIENlcnRpZmljYXRlcyBTZWN1cml0eSBTZXJ2aWNlczEhMB8GA1UE
|
||||
AxMYV2VzdHBhYyBTSEEyIFNTTCBDQSBXU0RDMIIBIjANBgkqhkiG9w0BAQEFAAOC
|
||||
AQ8AMIIBCgKCAQEApWhYg/T7gQK3ZGZeFO28eNM9qYyNt2g6BJzLn+QM539HO2fo
|
||||
7bPlp7fVvqD1QXINPQRpuG1CzqrACz3dOPeyRCZVC/oK3eQNRFXoxy4TEZjpjIC8
|
||||
/0TdWrrZGAairSQ1Rtv/GFP4TjidnmbgD+XPaDbVFNfo6j9K7jzi5Nc7IRSdtExQ
|
||||
g+Lbjx4eMC0aUHAvzFvtdjdBOS4oAqF6ndE+AGbLBB+kXCevym5o7cqDe9z7HGfW
|
||||
MFx9QmKzewxkef6gtEMABHYkGM+9308hKyepddGHbV5B5f+pd33sEnsWgwZGZjCK
|
||||
XbPge6AiW6Zuhy5vIgMzbTBcVwiH33PhCyWIgwIDAQABo4IFkjCCBY4wEAYJKwYB
|
||||
BAGCNxUBBAMCAQAwHQYDVR0OBBYEFF1+3xpWzgOE3hFspVuy354o3IBmMIICKgYD
|
||||
VR0gBIICITCCAh0wgcMGCysGAQQBnBOHaAIDMIGzMGQGCCsGAQUFBwICMFgeVgBX
|
||||
AGUAcwB0AHAAYQBjACAAQwBlAHIAdABpAGYAaQBjAGEAdABlACAAUAByAGEAYwB0
|
||||
AGkAYwBlACAAUwB0AGEAdABlAG0AZQBuAHQAIABXAFMARABDMEsGCCsGAQUFBwIB
|
||||
Fj9odHRwOi8vd2JjY2EucGtpMi5zcnYud2VzdHBhYy5jb20uYXUvV2VzdHBhY1Bv
|
||||
bGljeS9XQkNfQ1BTMi5wZGYwgaIGDCsGAQQBnBOHaAEBATCBkTBCBggrBgEFBQcC
|
||||
AjA2HjQAVwBlAHMAdABwAGEAYwAgAEkAVAAgAFMAZQBjAHUAcgBpAHQAeQAgAFAA
|
||||
bwBsAGkAYwB5MEsGCCsGAQUFBwIBFj9odHRwOi8vd2JjY2EucGtpMi5zcnYud2Vz
|
||||
dHBhYy5jb20uYXUvV2VzdHBhY1BvbGljeS9XQkNfSVRTUC5wZGYwga8GDCsGAQQB
|
||||
nBOHaAEBBDCBnjBQBggrBgEFBQcCAjBEHkIAVwBlAHMAdABwAGEAYwAgAEMAZQBy
|
||||
AHQAaQBmAGkAYwBhAHQAZQAgAFAAcgBvAGYAaQBsAGUAcwAgAFcAUwBEAEMwSgYI
|
||||
KwYBBQUHAgEWPmh0dHA6Ly93YmNjYS5wa2kyLnNydi53ZXN0cGFjLmNvbS5hdS9X
|
||||
ZXN0cGFjUG9saWN5L1dCQ19DUDIucGRmMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIA
|
||||
QwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFJbX
|
||||
BR/dYnyLVCATnF30doMrvjuAMIIBawYDVR0fBIIBYjCCAV4wggFaoIIBVqCCAVKG
|
||||
cGh0dHA6Ly93YmNjYS5wa2kyLnNydi53ZXN0cGFjLmNvbS5hdS9DRFAvV2VzdHBh
|
||||
YyUyMFNIQTIlMjBSb290JTIwQ0ElMjBXU0RDL1dlc3RwYWMlMjBTSEEyJTIwUm9v
|
||||
dCUyMENBJTIwV1NEQy5jcmyGgd1sZGFwOi8vL0NOPVdlc3RwYWMlMjBTSEEyJTIw
|
||||
Um9vdCUyMENBJTIwV1NEQyxDTj1BVTIxMDZTUENBMDIwLENOPUNEUCxDTj1QdWJs
|
||||
aWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9u
|
||||
LERDPXdiY2F1LERDPVdlc3RwYWMsREM9Y29tLERDPWF1P2NlcnRpZmljYXRlUmV2
|
||||
b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2lu
|
||||
dDCCAWIGCCsGAQUFBwEBBIIBVDCCAVAwfAYIKwYBBQUHMAKGcGh0dHA6Ly93YmNj
|
||||
YS5wa2kyLnNydi53ZXN0cGFjLmNvbS5hdS9BSUEvV2VzdHBhYyUyMFNIQTIlMjBS
|
||||
b290JTIwQ0ElMjBXU0RDL1dlc3RwYWMlMjBTSEEyJTIwUm9vdCUyMENBJTIwV1NE
|
||||
Qy5jcnQwgc8GCCsGAQUFBzAChoHCbGRhcDovLy9DTj1XZXN0cGFjJTIwU0hBMiUy
|
||||
MFJvb3QlMjBDQSUyMFdTREMsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZp
|
||||
Y2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9d2JjYXUsREM9V2Vz
|
||||
dHBhYyxEQz1jb20sREM9YXU/Y0FDZXJ0aWZpY2F0ZT9iYXNlP29iamVjdENsYXNz
|
||||
PWNlcnRpZmljYXRpb25BdXRob3JpdHkwDQYJKoZIhvcNAQELBQADggEBAA97qWdS
|
||||
we3VgFAYCpolB1E3/k6oXRMlGRw7/DhEV9HC5af0X/aFclbBGqw9keinnrm4bnGD
|
||||
AftuJumE+d8Gcpqidlj7EwXbjJPVUbIc74OA4OEPI99/tjqGcGb9a2hsPHrnn8Ok
|
||||
LUccuf4f451lnZk1XDIzIQAkYS/pbZ9o8UV0/EOkUMvJL/wU47QYYqVZFu9qozUa
|
||||
BM5G+7fCEVZ51/hk8TAWy+fW6Tr1pKLR2kWROXJZ5DuNpQQ7qlebw6Ju5Nz2DrSb
|
||||
JVwrw4kzVvFqHRL13NTTyZCzVDLRaX3hGK7lRxhtwm4Lmh/eTNA01wSGl2UgY/gW
|
||||
lS3ZUQcHCLtUbTw=
|
||||
-----END CERTIFICATE-----
|
||||
`
|
||||
|
||||
func main() {
|
||||
// Process command line arguments
|
||||
server := flag.String("server", "ldap.example.com", "LDAP server to bind to")
|
||||
@@ -15,12 +73,22 @@ func main() {
|
||||
password := flag.String("password", "pass", "Password to use when attempting to bind to AD")
|
||||
flag.Parse()
|
||||
|
||||
// Add custom certificate to the system cert pool
|
||||
system := x509.SystemCertPool()
|
||||
|
||||
ok := system.AppendCertsFromPEM([]byte(WSDCCertPem))
|
||||
if !ok {
|
||||
panic("failed to parse WSDC intermediate certificate")
|
||||
}
|
||||
|
||||
config := &auth.Config{
|
||||
Server: *server,
|
||||
Port: 636,
|
||||
BaseDN: *baseDN,
|
||||
Security: auth.SecurityStartTLS,
|
||||
Security: auth.SecurityTLS,
|
||||
RootCAs: system,
|
||||
}
|
||||
fmt.Printf("Connecting to ldap server '%s' with DN '%s' on port 636\n", *server, *baseDN)
|
||||
|
||||
status, err := auth.Authenticate(config, *username, *password)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user