Author Topic: LDAPS - Ignore certificate ?  (Read 78 times)

michael

« on: February 07, 2020, 09:16:19 AM »
Hi,
 
Following Microsoft's announcement about LDAP channel binding / signing requirements
https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirement-for-windows
 
I'm trying to move my working LDAP configuration to LDAPS.
Changing the servers to ldaps:// and port to 636 didn't work. The error message doesn't really help, so I thought about a certificate error (NeDi doesn't know our AD certificates).
 
I didn't find the option to ignore the server cert in nedi.conf.
 
I found ideas with Google, like putting "TLS_REQCERT never" in /etc/ldap/ldap.conf, but that didn't work. I even tried to modify the PHP file by adding "putenv('LDAPTLS_REQCERT=never');" before ldap_connect; same thing.
 
 
Did anyone manage to make it work?