issue: LDAP still requires TLS certificate path #4701

New Issue

Closed

opened 2025-11-11 16:01:02 -06:00 by GiteaMirror · 2 comments

GiteaMirror commented 2025-11-11 16:01:02 -06:00

Owner

Copy Link

Originally created by @zenorbi on GitHub (Apr 3, 2025).

Check Existing Issues

• I have searched the existing issues and discussions.
• I am using the latest version of Open WebUI.

Installation Method

Docker

Open WebUI Version

v0.6.0

Ollama Version (if applicable)

No response

Operating System

Debian 12

Browser (if applicable)

No response

Confirmation

• I have read and followed all instructions in README.md.
• I am using the latest version of both Open WebUI and Ollama.
• I have included the browser console logs.
• I have included the Docker container logs.
• I have listed steps to reproduce the bug in detail.

Expected Behavior

The settings page should accept and apply empty LDAP TLS certificate path as fixed in https://github.com/open-webui/open-webui/issues/11294

Actual Behavior

The form submits but I get an error toast: "TLS is enabled but certificate file path is missing"

Settings are not saved.

Steps to Reproduce

1. Optional: Have an LDAP server with certificate that is trusted by default
2. Set the LDAP config on the admin page
   1. Enable TLS
   2. Don't set a TLS certificate path
3. Click Save

Logs & Screenshots

openwebui-1  | 2025-04-03 15:04:16.110 | INFO     | open_webui.config:save:242 - Saving 'WEBHOOK_URL' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.119 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "POST /api/webhook HTTP/1.1" 200 - {}
openwebui-1  | 2025-04-03 15:04:16.128 | INFO     | open_webui.config:save:242 - Saving 'SHOW_ADMIN_DETAILS' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.133 | INFO     | open_webui.config:save:242 - Saving 'WEBUI_URL' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.138 | INFO     | open_webui.config:save:242 - Saving 'ENABLE_SIGNUP' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.143 | INFO     | open_webui.config:save:242 - Saving 'ENABLE_API_KEY' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.148 | INFO     | open_webui.config:save:242 - Saving 'ENABLE_API_KEY_ENDPOINT_RESTRICTIONS' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.152 | INFO     | open_webui.config:save:242 - Saving 'API_KEY_ALLOWED_ENDPOINTS' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.158 | INFO     | open_webui.config:save:242 - Saving 'ENABLE_CHANNELS' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.162 | INFO     | open_webui.config:save:242 - Saving 'DEFAULT_USER_ROLE' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.167 | INFO     | open_webui.config:save:242 - Saving 'JWT_EXPIRES_IN' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.171 | INFO     | open_webui.config:save:242 - Saving 'ENABLE_COMMUNITY_SHARING' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.177 | INFO     | open_webui.config:save:242 - Saving 'ENABLE_MESSAGE_RATING' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.181 | INFO     | open_webui.config:save:242 - Saving 'ENABLE_USER_WEBHOOKS' to the database - {}
openwebui-1  | 2025-04-03 15:04:16.186 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "POST /api/v1/auths/admin/config HTTP/1.1" 200 - {}
openwebui-1  | 2025-04-03 15:04:16.198 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "POST /api/v1/auths/admin/config/ldap/server HTTP/1.1" 400 - {}
openwebui-1  | 2025-04-03 15:04:16.214 | INFO     | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "GET /api/config HTTP/1.1" 200 - {}

Additional Information

We get certificates from Let's Encrypt for our LDAP, it shouldn't be mandatory to set a certificate path.

Originally created by @zenorbi on GitHub (Apr 3, 2025). ### Check Existing Issues - [x] I have searched the existing issues and discussions. - [x] I am using the latest version of Open WebUI. ### Installation Method Docker ### Open WebUI Version v0.6.0 ### Ollama Version (if applicable) _No response_ ### Operating System Debian 12 ### Browser (if applicable) _No response_ ### Confirmation - [x] I have read and followed all instructions in `README.md`. - [x] I am using the latest version of **both** Open WebUI and Ollama. - [x] I have included the browser console logs. - [x] I have included the Docker container logs. - [x] I have listed steps to reproduce the bug in detail. ### Expected Behavior The settings page should accept and apply empty LDAP TLS certificate path as fixed in https://github.com/open-webui/open-webui/issues/11294 ### Actual Behavior The form submits but I get an error toast: "TLS is enabled but certificate file path is missing" Settings are not saved. ### Steps to Reproduce 1. Optional: Have an LDAP server with certificate that is trusted by default 2. Set the LDAP config on the admin page 1. Enable TLS 2. Don't set a TLS certificate path 3. Click Save ### Logs & Screenshots  ``` openwebui-1 | 2025-04-03 15:04:16.110 | INFO | open_webui.config:save:242 - Saving 'WEBHOOK_URL' to the database - {} openwebui-1 | 2025-04-03 15:04:16.119 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "POST /api/webhook HTTP/1.1" 200 - {} openwebui-1 | 2025-04-03 15:04:16.128 | INFO | open_webui.config:save:242 - Saving 'SHOW_ADMIN_DETAILS' to the database - {} openwebui-1 | 2025-04-03 15:04:16.133 | INFO | open_webui.config:save:242 - Saving 'WEBUI_URL' to the database - {} openwebui-1 | 2025-04-03 15:04:16.138 | INFO | open_webui.config:save:242 - Saving 'ENABLE_SIGNUP' to the database - {} openwebui-1 | 2025-04-03 15:04:16.143 | INFO | open_webui.config:save:242 - Saving 'ENABLE_API_KEY' to the database - {} openwebui-1 | 2025-04-03 15:04:16.148 | INFO | open_webui.config:save:242 - Saving 'ENABLE_API_KEY_ENDPOINT_RESTRICTIONS' to the database - {} openwebui-1 | 2025-04-03 15:04:16.152 | INFO | open_webui.config:save:242 - Saving 'API_KEY_ALLOWED_ENDPOINTS' to the database - {} openwebui-1 | 2025-04-03 15:04:16.158 | INFO | open_webui.config:save:242 - Saving 'ENABLE_CHANNELS' to the database - {} openwebui-1 | 2025-04-03 15:04:16.162 | INFO | open_webui.config:save:242 - Saving 'DEFAULT_USER_ROLE' to the database - {} openwebui-1 | 2025-04-03 15:04:16.167 | INFO | open_webui.config:save:242 - Saving 'JWT_EXPIRES_IN' to the database - {} openwebui-1 | 2025-04-03 15:04:16.171 | INFO | open_webui.config:save:242 - Saving 'ENABLE_COMMUNITY_SHARING' to the database - {} openwebui-1 | 2025-04-03 15:04:16.177 | INFO | open_webui.config:save:242 - Saving 'ENABLE_MESSAGE_RATING' to the database - {} openwebui-1 | 2025-04-03 15:04:16.181 | INFO | open_webui.config:save:242 - Saving 'ENABLE_USER_WEBHOOKS' to the database - {} openwebui-1 | 2025-04-03 15:04:16.186 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "POST /api/v1/auths/admin/config HTTP/1.1" 200 - {} openwebui-1 | 2025-04-03 15:04:16.198 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "POST /api/v1/auths/admin/config/ldap/server HTTP/1.1" 400 - {} openwebui-1 | 2025-04-03 15:04:16.214 | INFO | uvicorn.protocols.http.httptools_impl:send:476 - 131.152.136.233:0 - "GET /api/config HTTP/1.1" 200 - {} ``` ### Additional Information We get certificates from Let's Encrypt for our LDAP, it shouldn't be mandatory to set a certificate path.

GiteaMirror added the bug label 2025-11-11 16:01:02 -06:00

GiteaMirror closed this issue 2025-11-11 16:01:02 -06:00

GiteaMirror commented 2025-11-11 16:01:03 -06:00

Author

Owner

Copy Link

@tjbck commented on GitHub (Apr 3, 2025):

Most likely addressed with a1f3300767 in dev, testing wanted here!

@tjbck commented on GitHub (Apr 3, 2025): Most likely addressed with a1f3300767898df33c6ebcb002b7ba6060353994 in dev, testing wanted here!

GiteaMirror commented 2025-11-11 16:01:03 -06:00

Author

Owner

Copy Link

@zenorbi commented on GitHub (Apr 4, 2025):

I can confirm that the issue is fixed when I use the dev branch (v0.6.0 + commit be20e6dec0). Thank you for the fix!

@zenorbi commented on GitHub (Apr 4, 2025): I can confirm that the issue is fixed when I use the dev branch (v0.6.0 + commit be20e6dec038d4066fa1400ffe6a3053ad3f7c6c). Thank you for the fix!

GiteaMirror referenced this issue 2025-11-11 17:51:20 -06:00

[PR #4701] [MERGED] fix: RAG with OpenAI embedding models and batch_size environment variable fails silently #8336

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

backend-outlet

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#4701