February 23, 2005
PHP 5 + SSL Over LDAP Fix
When I upgraded to PHP 5 from PHP 4, secure connections to the LDAP server on campus kept failing. In order to get LDAP communication in PHP 5 to work, I had to use non-encrypted communication, which of course is insecure. To get PHP 5 + SSL over LDAP working, simply do the following:
- Add
TLS_REQCERT neverto your ldap.conf file (usually /etc/openldap/ldap.conf) - Recompile PHP 5 (make sure to do a `make clean`)
Update 1 (2005-02-24)
If you have already installed PHP 5, you will need to reconfigure PHP 5 from scratch. Simply doing a `make clean` is not enough! You need to follow the `make clean` by deleting the config.cache and config.guess files. Then, run `configure` with all of your parameters. - Install the module and restart the web server
Although the fix is simple, it took me many hours to discover it. Hopefully by publishing this I can save somebody from doing the same.
I'm sure there is an alternate fix involving importing the LDAP certificate to a trusted certs file, but I am not an SSL guru. If you know how to fix it using this method, by all means, leave a comment.
Trackback
You can ping this entry by using http://blog.case.edu/gps10/mt-tb.cgi/501 .