0
votes

My connection to our Domain Controllers via LDAP is fine; however, when I try to connect via LDAPS it fails to bind. I've added the c:\OpenLDAP\sysconf\ldap.conf path and file and tried adding "TLS_REQCERT never" to that file, as several sites have suggested, but no luck.

The code I'm using is the same as below, modified for my environment:

<?php
    $con = @ldap_connect('ldaps://the.ldap.server', 636);
    ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($con, LDAP_OPT_REFERRALS, 0);
    var_dump(@ldap_bind($con, '[email protected]', 'password'));
?>

Just wondering if anyone else has come up against this issue and found a way around it at all?

1
Does the LDAP-Server have a self-signed certificate? Then you'll need to add that to the certificate-chain. It's easier than getting TLS_REQCERT up and running I found :( - heiglandreas
It has a PKI certificate, I believe. Not sure how I'd get the cert into the chain, though? - Wes Wakeman
Right, I've got the cert from the server in question, I've added the line to point ldap at the cert, and I've even installed the cert, but it still isn't working? Very odd. - Wes Wakeman
As it's a Windows installation, as far as I see it, it's a bit tedious. Have you searched for "AD ldaps php"? - heiglandreas
I have, but without any luck - Wes Wakeman

1 Answer

0
votes

Got the cert from the DC.

I created a c:\openldap\sysconf folder and added the following ldap.conf file:

#--begin--

# Instruct client to NOT request a server's cert.
TLS_REQCERT never

# Define location of CA Cert
TLS_CACERT c:\openldap\sysconf\trusted cert.pem
TLS_CACERTDIR c:\openldap\sysconf\

#--end--

Put the trusted cert in the location I listed in the file and restarted XAMPP, and it was happy.
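
With `TLS_REQCERT never` the client does not check the DC's certificate at all, so the CA lines in that ldap.conf play no part in trust. As an added example (not code from the question or the answer), here is the same connection with verification enforced from PHP and the failure reason reported; the CA file path, account name and `LDAP_BIND_PW` environment variable are assumptions, and the `openssl` extension is assumed to be loaded.

```php
<?php
// Added example: placeholders throughout, not values from the original post.
$uri    = 'ldaps://the.ldap.server';        // host name as written in the question
$caFile = 'C:\\openldap\\sysconf\\ca.pem';  // assumed path: PEM export of the issuing CA
$bindDn = 'svc-ldap@example.test';          // placeholder account
$bindPw = getenv('LDAP_BIND_PW') ?: '';     // assumed env var, keeps the secret out of source

// An empty password turns the bind into an unauthenticated one, which some
// directories accept; refuse it so "Bind OK" always means real credentials.
if ($bindPw === '') {
    exit("LDAP_BIND_PW is not set\n");
}

// Check the trust anchor first: it must exist and be PEM, not a DER .cer export.
$pem  = @file_get_contents($caFile);
$cert = $pem === false ? false : @openssl_x509_read($pem);
if ($cert === false) {
    exit("CA file missing or not PEM-encoded: $caFile\n");
}
echo 'Trusting CA: ', openssl_x509_parse($cert)['name'], "\n";

// libldap TLS settings are process-wide: set them on null before ldap_connect().
ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);
ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

$con = ldap_connect($uri);
if ($con === false) {
    exit("Invalid LDAP URI: $uri\n");
}
ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($con, LDAP_OPT_REFERRALS, 0);

// Suppress only the PHP warning, then report the reason instead of a bare false.
if (@ldap_bind($con, $bindDn, $bindPw)) {
    echo "Bind OK over verified TLS\n";
} else {
    ldap_get_option($con, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    printf("Bind failed: %s (%d) %s\n", ldap_error($con), ldap_errno($con), $detail ?? '');
}
```

With `LDAP_OPT_X_TLS_DEMAND` the host name in the URI must also match a name in the DC's certificate, so connect by the name on the certificate rather than by IP address or alias.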