
I cannot connect to an LDAPS server (3rd party) from PHP (PHP 5.5.4, Apache 2.4, Windows 7 64bit). When I try the ldap_bind() function with userdn and password, I receive: Unable to bind to server: Can't contact LDAP server.

I have a self-signed certificate from the LDAPS server, but I don't know where to put the PEM file (Base64) or something like conf.file (I have read many answers for this, but nothing works for me, e.g. c:\openldap\sysconf\ldap.conf, TLS_REQCERT never etc.).

The development folder is D:\WebDev, inside which is the \www folder with projects and the \binaries folder with the \Apache folder and the \PHP folder. PHP is a module for Apache, and Apache is started by httpd.exe --standalone --console.

Openssl s_client -connect xxxx -CAfile xxxx to the LDAPS server works well, the return code is 0. Without -CAfile I get code 19 (self-signed certificate in certificate chain).

LDAP without SSL works fine for me, I've tried some free online LDAP test server.


1 Answers


The problem is solved. Notice: there is no OpenLDAP installation on the machine.

The solution is to set the Windows system variable LDAPCONF (value e.g. c:\users\user\.ldaprc) and, in the .ldaprc file, set the path to the certificate, e.g. TLS_CACERT c:\users\user\.ssh\ldap-ca.pem, or TLS_REQCERT never; both work.

Then the connection script runs OK from the console or via Apache from the browser.

The default search path for the conf file is c:\users\user\, but for a browser app running via Apache the system variable LDAPCONF must be set.

I hope this helps!
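
An added example, not part of the original answer: a PHP pre-flight check for the LDAPCONF / .ldaprc setup described above. It flags TLS_REQCERT never because that setting turns off verification of the server certificate, whereas TLS_CACERT keeps it. The host, bind DN and password are placeholders, and the helper names parse_ldaprc and audit_ldap_tls are hypothetical.

```php
<?php
// Added example, not from the original post. Run it from the console and
// through Apache: LDAPCONF must be visible to the process that loads PHP.

// Parse ldap.conf/.ldaprc text into an OPTION => value map (# starts a comment).
function parse_ldaprc($text) {
    $opts = array();
    foreach (preg_split('/\r?\n/', $text) as $line) {
        $line = trim($line);
        if ($line === '' || $line[0] === '#') { continue; }
        $parts = preg_split('/\s+/', $line, 2);
        if (count($parts) === 2) { $opts[strtoupper($parts[0])] = trim($parts[1]); }
    }
    return $opts;
}

// Return warnings about settings that weaken or break certificate checking.
function audit_ldap_tls(array $opts) {
    $warn = array();
    $req = isset($opts['TLS_REQCERT']) ? strtolower($opts['TLS_REQCERT']) : 'demand';
    if ($req === 'never' || $req === 'allow') {
        $warn[] = "TLS_REQCERT $req: the server certificate is not verified";
    }
    if (!isset($opts['TLS_CACERT'])) {
        $warn[] = 'TLS_CACERT is not set in this file';
    } elseif (!is_readable($opts['TLS_CACERT'])) {
        $warn[] = 'TLS_CACERT is not readable here: ' . $opts['TLS_CACERT'];
    }
    return $warn;
}

$conf = getenv('LDAPCONF');
if ($conf === false || !is_readable($conf)) {
    exit('LDAPCONF is unset or unreadable for SAPI ' . PHP_SAPI . "\n");
}
foreach (audit_ldap_tls(parse_ldaprc(file_get_contents($conf))) as $w) {
    echo "WARNING: $w\n";
}

// Placeholders: replace host, bind DN and password with your own values.
$ds = ldap_connect('ldaps://ldap.example.invalid:636');
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
if (@ldap_bind($ds, 'cn=user,dc=example,dc=invalid', 'placeholder-password')) {
    echo "Bind OK\n";
} else {
    // -1 ("Can't contact LDAP server") points at connection/TLS setup;
    // 49 (invalid credentials) means the TLS session itself was established.
    echo 'Bind failed: ' . ldap_errno($ds) . ' ' . ldap_error($ds) . "\n";
}
```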