Package: phpldapadmin
Severity: important
Version: 0.9.8.3-8
Tags: security

Hi,

I have recently upgraded from sarge to etch. I have a problem getting the tls option to work. These are the relevant parts of the configuration:

    $ldapservers->SetValue($i,'server','host','ldaps://ldap.opalsys.net:636/');
    $ldapservers->SetValue($i,'server','port','636');
    $ldapservers->SetValue($i,'server','tls',true);

It works very well if I set host to ldap://ldap.opalsys.net and tls to false.

The error I get is:

    Error
    Could not start TLS. Please check your LDAP server configuration.
    LDAP said: Can't contact LDAP server

I enabled the logging and it tells:

    [0.000] login.php(17): ldapserver::connect(): Entered with (1,user,)
    [0.000] login.php(17): ldapserver::_connect(): Entered with (user)
    [0.000] login.php(16): ldapserver::connect(): Creating new connection [user] for Server ID [0]
    [0.000] login.php(80): ldapserver::connect(): This IS a "config" login
    [0.000] login.php(80): ldapserver::connect(): Config settings, DN [cn=browse,dc=opalsys,dc=net], PASS [2b465f26d3125d7f69dc9be516b2b6e1]
    [0.000] login.php(80): ldapserver::connect(): Config settings, DN [cn=browse,dc=opalsys,dc=net], PASS [2b465f26d3125d7f69dc9be516b2b6e1]
    [0.000] login.php(17): ldapserver::_connect(): Entered with (user)
    [0.001] login.php(16): ldapserver::connect(): LDAP Resource [Resource id #18], Host [ldaps://ldap.opalsys.net/], Port [636]
    [0.000] login.php(17): ldapserver::isTLSEnabled(): Entered with ()
    [0.050] login.php(1): pla_error(): Entered with (Could not start TLS. Please check your LDAP server configuration.,Can't contact LDAP server,-1,1)

I have also tried numerous variants of port, uri settings etc. Nothing helps other than to disable tls.

I have libnss-ldap set up with tls enabled and I can access it from many other places, but not from phpldapadmin. You can try for yourself as it is publicly available.

I marked it with security as missing encryption support can be seen as a security issue.

Regards,

// Ola

    ii  php4          4.4.4-8+etch1  server-side, HTML-embedded scripting language (meta-package)
    ii  apache2       2.2.3-4        Next generation, scalable, extendable web server
    ii  phpldapadmin  0.9.8.3-8      web based interface for administering LDAP servers

-- 
 --- Ola Lundqvist systemkonsult --- M Sc in IT Engineering ----
/  [EMAIL PROTECTED]                   Annebergsslingan 37        \
|  [EMAIL PROTECTED]                   654 65 KARLSTAD            |
|  http://opalsys.net/               Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
 ---------------------------------------------------------------
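
Added example, not part of the original report and not phpLDAPadmin code: an `ldaps://` URI starts TLS at connect time, while the `tls` option requests a StartTLS upgrade on a plain `ldap://` connection, so the two are alternatives. The sketch below classifies `SetValue()` lines in the style quoted in the report; the function names and the mode labels are assumptions made for this illustration.

```python
import re
from urllib.parse import urlparse

# Constructed samples copied from the settings quoted in the report above.
REPORTED = """
$ldapservers->SetValue($i,'server','host','ldaps://ldap.opalsys.net:636/');
$ldapservers->SetValue($i,'server','port','636');
$ldapservers->SetValue($i,'server','tls',true);
"""
WORKAROUND = """
$ldapservers->SetValue($i,'server','host','ldap://ldap.opalsys.net');
$ldapservers->SetValue($i,'server','tls',false);
"""

SETVALUE = re.compile(
    r"SetValue\(\s*\$i\s*,\s*'server'\s*,\s*'(\w+)'\s*,\s*('([^']*)'|\w+)\s*\)")

def parse_server(text):
    """Collect the 'server' settings from SetValue() lines into a dict."""
    settings = {}
    for key, raw, quoted in SETVALUE.findall(text):
        # Quoted PHP strings keep their content; bare true/false are lowercased.
        settings[key] = quoted if raw.startswith("'") else raw.lower()
    return settings

def transport_mode(settings):
    """Classify how (or whether) the LDAP connection gets TLS."""
    host = settings.get("host", "")
    scheme = urlparse(host).scheme.lower() if "://" in host else "ldap"
    starttls = settings.get("tls", "false") == "true"
    if scheme == "ldaps":
        # TLS is already negotiated at connect; StartTLS on top conflicts.
        return "conflict" if starttls else "ldaps"
    return "starttls" if starttls else "plaintext"

ADVICE = {
    "conflict": "ldaps:// already implies TLS; use it alone, or tls=true with ldap://",
    "plaintext": "no TLS: binds and directory data cross the network unencrypted",
    "ldaps": "TLS from connect (usually port 636)",
    "starttls": "plain connect, then StartTLS upgrade (usually port 389)",
}

def audit(text):
    mode = transport_mode(parse_server(text))
    return mode, ADVICE[mode]

if __name__ == "__main__":
    for name, cfg in (("reported", REPORTED), ("workaround", WORKAROUND)):
        print(name, *audit(cfg), sep=": ")
```
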