如何解决ldap_start_tls()“无法启动TLS:连接错误”在PHP? [英] How do I solve ldap_start_tls() "Unable to start TLS: Connect error" in PHP?
问题描述
我得到:
警告:ldap_start_tls()
[function.ldap-start-tls]:Unable to
start TLS:在第Y行的
/var/www/X.php中连接错误
Warning: ldap_start_tls() [function.ldap-start-tls]: Unable to start TLS: Connect error in /var/www/X.php on line Y
etc / ldap / ldap.conf:
/etc/ldap/ldap.conf:
TLS_CACERT /etc/ssl/certs/ca.crt
ca.crt
是签署LDAP服务器证书的CA。
ca.crt
is the CA which signed the LDAP server certificate. The certificate on the LDAP server is expired and I can't change it.
推荐答案
您可以通过下列方式忽略Windows中的有效性:
You can ignore the validity in windows by issuing
putenv('LDAPTLS_REQCERT=never');
在* nix中,您需要修改 /etc/ldap.conf
以包含
in your php code. In *nix you need to edit your /etc/ldap.conf
to contain
TLS_REQCERT never
另一件需要注意的是,它需要版本3 php default):
Another thing to be aware of is that it requires version 3 (version 2 is php default):
$con = ldap_connect($hostnameSSL);
ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
要更好地了解发生了什么,您可以通过以下方式启用调试日志记录:
To get a better idea of what's going on, you can enable debug logging by:
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
这可以在 ldap_connect
这篇关于如何解决ldap_start_tls()“无法启动TLS:连接错误”在PHP?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!