I am desperately trying to get an LDAPS client in PHP working. My code is in place, and it works using the standard LDAP protocol.
However, when I change ldap://server to ldaps://server, it doesn't work. Setting the debug mode to 7 yields this error. I should add that this is a Linux server using OpenSSL.

    TLS: can't connect: The Diffie Hellman prime sent by the server is not acceptable (not long enough)..

Is there any way to get past this? Changing anything on the LDAP server is not an option as I only have client privileges on it.
EDIT: The only setting in my LDAP.conf is:

    TLS_REQCERT never

EDIT2: Here is my code:
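
    if (isset($_POST['user'], $_POST['pass'])) {
        $username = $_POST['user'];
        $password = $_POST['pass'];

        // Reject empty passwords before binding: an empty password turns the
        // request into an unauthenticated (anonymous) bind, which can succeed.
        if (strlen($password) == 0) {
            printf("Sorry, wrong username/password\n\n\n");
            return;
        }

        ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
        $ds = ldap_connect("ldaps://ldap.ryerson.ca");
        //$ds = ldap_connect("141.117.101.14");
        ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
        ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

        // Escape the user-supplied name separately for the DN and the search filter
        $userDn     = ldap_escape($username, '', LDAP_ESCAPE_DN);
        $userFilter = ldap_escape($username, '', LDAP_ESCAPE_FILTER);

        // Check LDAP server for user
        if (!@ldap_bind($ds, "uid={$userDn},ou=people,o=ryerson.ca,o=ryerson", $password)) {
            // LDAP login was not successful
            printf("Sorry, wrong username/password\n\n\n");
            return;
        }

        // Look up the entry of the user who just authenticated
        $ldapSearch = @ldap_search($ds, "ou=people,o=ryerson.ca,o=ryerson", "uid={$userFilter}");
        $result = @ldap_get_entries($ds, $ldapSearch);
    }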