1
Installation / LDAPS - Ignore certificate ?
« on: February 07, 2020, 09:16:19 am »
Hi,
Following microsoft announcement over LDAP channel binding / signing requirements
https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirement-for-windows
I'm trying to move my working LDAP configuration to LDAPs.
Changing the servers to ldaps:// and port to 636 didn't work. The error message doesn't really help so I thought about a certificate error (Nedi doesn't know our AD certificates)
I didn't find the option to ignore server cert in nedi.conf
I found ideas with google, like putting "TLS_REQCERT never" in /etc/ldap/ldap.conf but that didn't work. I even tried to modify the php file by adding "putenv('LDAPTLS_REQCERT=never');" before ldap_connect same thing.
Did anyone manage to make it work ?
Following microsoft announcement over LDAP channel binding / signing requirements
https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirement-for-windows
I'm trying to move my working LDAP configuration to LDAPs.
Changing the servers to ldaps:// and port to 636 didn't work. The error message doesn't really help so I thought about a certificate error (Nedi doesn't know our AD certificates)
I didn't find the option to ignore server cert in nedi.conf
I found ideas with google, like putting "TLS_REQCERT never" in /etc/ldap/ldap.conf but that didn't work. I even tried to modify the php file by adding "putenv('LDAPTLS_REQCERT=never');" before ldap_connect same thing.
Did anyone manage to make it work ?