ID: 18049
Comment by: hkemale at hkem dot com
Reported By: twerner at fh-bingen dot de
Status: Closed
Bug Type: LDAP related
Operating System: Windows 2000 Advanced Server
PHP Version: 4.2.1
Assigned To: edink
New Comment:
i use perl LDAPS() function verify => 'none'
work fine but in php i can only use ldap:// instead of ldaps://. There
is no error displayed.
Previous Comments:
------------------------------------------------------------------------
[2003-05-17 15:36:06] hsolano at zequel dot com
It is not clear, if after version 4.2.1, ldap is being compiled with
ssl support for Windows. I am trying to use 4.3.1 binaries to connect
to Active Directory; ldap_connect('ldap://hostname') works fine but I
am not able to bind with a ldaps://hostname connection.
------------------------------------------------------------------------
[2003-02-04 18:09:07] dhh at vt dot edu
The error "TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert
unknown ca
s3_pkt.c:964" in the SSL debug output is a red herring. PHP is not
sending a client cert or doing anything with client certs. The problem
here is PHP does not trust the server, as it does not have the LDAP
server's public certificate. What you need to do is create the file
"c:\OpenLDAP\sysconf\ldap.conf" with the single line "TLS_CACERT
c:\path\to\server.cert" where server.cert is the cert of the LDAP
directory to which you are trying to connect. With that in place,
ldaps should work.
------------------------------------------------------------------------
[2002-10-16 14:40:53] twerner at fh-bingen dot de
It seems to work under certain circumstances as you can read in my
previous post (12 Oct 5:35am). I tested it only with OpenLDAP-server,
because I don't have access to an Novell Edirectory-Server at the
moment. I will test it again in the future and post the results here.
------------------------------------------------------------------------
[2002-10-14 17:38:11] [EMAIL PROTECTED]
Were you able to make it work? I'm asking since getting openldap libs
to compile on windows with SSL support is a non-trivial task.
------------------------------------------------------------------------
[2002-10-12 10:42:43] twerner at fh-bingen dot de
OK, since the dll is now compiled with ssl-support, PHP is not the
problem any longer.
Just one last question: Will the ssl-support for the win32-version be
integrated in future php-releases?
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/18049
--
Edit this bug report at http://bugs.php.net/?id=18049&edit=1
