On Wed, Sep 04, 2002 at 02:26:49PM +0200, Søren Henning Dalgaard wrote: > I can make an ldap_connect with the ldaps://hostname/ parameter but what > next: > How can make an ldap_bind command? > How can I encrypt and decrypt the data?
When using ldaps:// all communications are through SSL, you do bind etc as usual and your data will be tunneled through SSL. > How do I specify a key/certificate for encrypting and decrypting? For SSL and the necessary encryption you only need a certificate at the server. It seems you have done this, that is enough for the communications to be encrypted. You may want to give your client a certificate for the CA that signed the server certificate, see my mail on LDAP and SSL on php-general from Aug 26th (and the mail I replied to). It is also possible to give the client a certificate if you want the server to know which client it is talking to. For details on LDAP and SSL I suggest you look at OpenLDAP docs, in OpenLDAP list archives etc. Doing SSL with OpenLDAP is the same when using PHP and other tools. Using ldaps:// in the connect is similar to using -H ldaps:// to OpenLDAP tools like ldapsearch etc. Stig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
