tags:

views:

16

answers:

1

I'm trying to bind to an LDAP server using PHP. It's a fairly straightforward process, except that I can't get around a certificate error that I'm getting. My auth credentials are fine, since I can connect to the server with Apache Directory Studio. Is there any way to just automatically accept the server cert? Similar to how you click "Accept this cert.." with Apache directory studio? I know it's not good security, but I just need to make it work at this point and can square away the cert issue later.

Thanks

A: 

Use a web browser, point at ldaps://ipaddress/

when the cert pop up box shows up, view the cert, look at the cert chain, find the trusted root (not the specific cert being used, rather the parent who signed it) then export THAT cert. Save in in PEM and B64 format. (Binary and B64 encoded).

Then use that to get it into the PHP keystore format, whichever that is. Java keystores are easy. Not sure what PHP uses.

geoffc