Hi,
I'm trying to get secure authentication with Novell eDirectory
running. PHP Version is 4.3.1 compiled with ldap and openssl.
I copied the Novell root-certificate into the OpenSSL Certificate
folder (/etc/ssl/certs) and made sure that the ssl handshake is fine:
# openssl s_client -CApath /etc/ssl/certs -connect servername:636
returns
Verify return code: 0 (ok)
BTW: The files in /etc/ssl/certs are world readable.
After that I configured the openldap-client (ldap.conf) adding:
TLS_CACERTDIR /etc/ssl/certs
to make sure the ldap client is able to find the trusted certificates,
and after that
# ldapsearch -x -H 'ldaps://servername/' -b 'o=baseDN' -D 'cn=myDN' -W
returns some data about me as a directory object.
The above steps took me about half a day and I have no idea why this
is not working:
<?php
$ldap = ldap_connect ("ldaps://servername/");
ldap_set_option ($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_start_tls ($ldap);
echo "<br />" . ldap_errno ($ldap) . ": " . ldap_error ($ldap);
$bind = ldap_bind ($ldap, $myDN, $myPwd);
ldap_close ($ldap);
?>
This is the output from the code above:
Warning: ldap_start_tls( ): Unable to start TLS: Can't contact LDAP
server...
81: Can't contact LDAP server
Any help or ideas about what might be wrong are really appreciated.
Flo
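
Added example, not part of the original post: ldaps:// (TLS from the first byte, port 636) and StartTLS (an upgrade requested on a plain ldap:// connection) are alternative ways to protect the bind, so the code below exercises each on its own connection and reports libldap's error for both. It assumes a current PHP with the ldap extension; servername, cn=myDN and /etc/ssl/certs are the post's values, and LDAP_PW is a hypothetical environment variable holding the password.

```php
<?php
// Added example, not the poster's code. Assumes a current PHP with the ldap
// extension; LDAP_PW is a hypothetical environment variable.
function ldap_secure_bind(string $uri, bool $startTls, string $dn, string $pw): array
{
    if ($pw === '') {
        // A DN with an empty password is an unauthenticated bind and can "succeed".
        return [false, 'refusing to bind with an empty password'];
    }
    // The CA directory from the post, set per process so it does not depend
    // on which ldap.conf the web server's libldap happens to read.
    ldap_set_option(null, LDAP_OPT_X_TLS_CACERTDIR, '/etc/ssl/certs');
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

    $ldap = ldap_connect($uri);   // only parses the URI, no network I/O yet
    if ($ldap === false) {
        return [false, "invalid URI: $uri"];
    }
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); // StartTLS needs LDAPv3

    // StartTLS upgrades a plain ldap:// connection; an ldaps:// connection is
    // already inside TLS, so the upgrade is requested only when asked for.
    $ok = true;
    if ($startTls) {
        $ok = @ldap_start_tls($ldap);
    }
    // Never fall through to a bind after a failed upgrade: that would send
    // the password in clear text.
    if ($ok) {
        $ok = @ldap_bind($ldap, $dn, $pw);
    }

    $detail = '';
    ldap_get_option($ldap, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    $result = [$ok, ldap_errno($ldap) . ': ' . ldap_error($ldap) . " ($detail)"];
    ldap_unbind($ldap);
    return $result;
}

$pw = getenv('LDAP_PW') ?: '';
foreach ([['ldaps://servername/', false], ['ldap://servername/', true]] as [$uri, $tls]) {
    [$ok, $msg] = ldap_secure_bind($uri, $tls, 'cn=myDN', $pw);
    printf("%-22s startTLS=%d  %s  %s\n", $uri, $tls, $ok ? 'OK' : 'FAIL', $msg);
}
```

Run it once from the command line and once through the web server: a result that differs between the two points at the environment of the server process (its ldap.conf, user or CA directory access) rather than at the directory server.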