Hi JK,
please make sure that you have a symbolic link from
/etc/openldap/ldap.conf to /etc/ldap.conf. Sometimes Apache uses this file.
Did you try to import the certificate in LAM's main configuration?
LAM will then put it in its own trusted certificates list and give it to
Apache.
Best regards
Roland
Am 14.12.24 um 05:30 schrieb Joshua Kramer:
Hello All-
I'm having a strange issue where, for whatever reason, LAM cannot verify
the certificate I'm using for TLS on my Samba4 AD server. I have my own CA
as well as a server cert.
If I do the following, openssl happily validates the cert:
openssl s_client -connect dc:389 -starttls ldap -showcerts
If I write a Python script using the python-ldap library, that python-ldap
library can initiate a TLS connection and retrieve user attributes without
a problem.
If I write a simple PHP script that only connects to the Samba server and
initiates TLS, I can get that PHP script to work (and initiate TLS) by
either setting an option /etc/openldap/ldap.conf, OR setting the
LDAP_OPT_X_TLS_NEVER option for LDAP_OPT_X_TLS_REQUIRE_CERT on the ldap
connection, OR putenv('LDAPTLS_REQCERT=never'). But if I try any (or all)
of these three options, it does NOT affect LAM. (I tried putting the code
right before LAM starts TLS in accounts.inc file.) I am running this PHP
test script as well as LAM from php-fpm under nginx.
Thanks!
-JK
_______________________________________________
Lam-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lam-public
_______________________________________________
Lam-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/lam-public
