On 11/23/2010 03:03 PM, Laurent Roudier wrote:
> The PHP message I got is :
> Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in
> /var/www/html/php.php on line 27
>
>
> I'm not sure if php is using /etc/openldap/ldap.conf, I didn't found the way or
> the log to know were the php ldap module get the path to this file. I try to put
> it directly on etc, but I got the same error
If you don't know, you'll just have to read the php documentation to
figure out how to set the certificate used by ldap and other TLS/SSL
options.
>
>
> On 11/21/2010 09:41 AM, Laurent Roudier wrote:
>> Hi everybody,
>> I try to setup a 389 DS server and made it work with a web server. My current
>> configuration is :
>> fedora 14 (2.6.35.6-48.fc14.i686)
>> 389-admin-1.1.11-1.fc14.i686
>> 389-ds-console-doc-1.2.3-1.fc14.noarch
>> 389-adminutil-1.1.10-2.fc14.i686
>> 389-ds-console-1.2.3-1.fc14.noarch
>> 389-ds-base-1.2.6.1-2.fc14.i686
>> 389-console-1.1.4-1.fc14.noarch
>> 389-ds-1.2.1-1.fc14.noarch
>> 389-admin-console-1.1.5-1.fc14.noarch
>> 389-admin-console-doc-1.1.5-1.fc14.noarch
>> 389-dsgw-1.1.5-2.fc14.i686
>>
>> I setup 389 without any probleme
>> I add certificate and secure connection with the used of setupssl2.sh script.
>> So if I use this php script, it work without any problem
>> <?php
>> $ldaprdn = DN
>> $ldappass = password
>> $ldapconn = ldap_connect("ldap://localhost");
>> if ($ldapconn) {
>> if ($ldapbind) {
>> echo "<P>bind LDAP OK</P>";
>> } else {
>> echo "<P>bind LDAP KO</P>";
>> }
>> }
>> else
>> {
>> echo "<P>fail</P>";
>> }
>> ?>
>>
>> if a change "ldap://localhost" by "ldaps://localhost", it fail and the log of
>> 389 is
>>
>> [21/Nov/2010:16:53:54 +0100] conn=1 fd=64 slot=64 SSL connection from
>> ::1
>> to ::1
>> [21/Nov/2010:16:53:54 +0100] conn=1 op=-1 fd=64 closed - Encountered
> end
>> of file.
> Where do you specify the CA certificate and other security options, if any?
> Can you turn up php logging?
>> if a change "ldap://localhost" by "localhost",636, it hang, I must restart
>> dirsvr and the log of 389 is
>>
>> [21/Nov/2010:15:43:38 +0100] conn=3 fd=65 slot=65 connection from
> ::1
>> to ::1
>> [21/Nov/2010:15:43:38 +0100] conn=3 op=0 EXT
>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>> [21/Nov/2010:15:43:38 +0100] conn=3 op=0 RESULT err=0 tag=120
>> nentries=0 etime=0
>> [21/Nov/2010:15:43:38 +0100] conn=3 op=-1 fd=65 closed - Encountered
>> end of file.
>>
>>
>> I try several thinks, changing the certificate,
> How do you change the certificate?
>> the file /etc/openldap/ldap.conf
>> but nothing is working.
> Does php use /etc/openldap/ldap.conf?
>> Please help me
>>
>> Laurent
>>
>>
>
>
>
> --
> 389 users mailing list
> 389-users@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
SSl connection to 389 DS server
