httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jérémy ESCOLANO <jeremyescol...@gmail.com>
Subject Re: [users@httpd] Configuring apache to use LDAP over SSL on PHP
Date Fri, 11 Jun 2010 09:17:18 GMT
Thank you for your help, I wen't a bit deeper with my problèm

Here is what I did:
On my openLDAP server :
slapd.conf:
#cert requested for the ldapserver
TLSCertificateFile      ./ssl2/srvLDAP.cer
TLSCertificateKeyFile   ./ssl2/srvLDAP.key
#CA cert
TLSCACertificateFile    ./ssl2/cacert.cer
TLSVerifyClient         never

ldap.conf:

TLS_CACERT      ./ssl2/cacert.cer
TLS_REQCERT     never

then,on the apache server, i created a folder C:\openldap\sysconf and inside
this folder a file ldap.conf:

TLS_CACERT ./ssl/cacert.cer
TLS_REQCERT     never

It does WORK BUT it doesn't verify the certificate. I need now to make it
work with the certificate,

I know I have to change TLS_CACERT ./ssl/cacert.cer never to TLS_CACERT
./ssl/cacert.cer demand

But I think I also need to specify the certificate (and the key), I created
for my apache server...

But how ?

I just want to make clear that I don't wan't to do LDAP authentification
with an apache folder but just do LDAPS with PHP.

I thank you in advance.




2010/6/10 Tom Evans <tevans.uk@googlemail.com>

> On Thu, Jun 10, 2010 at 1:11 PM, Jérémy ESCOLANO
> <jeremyescolano@gmail.com> wrote:
> > Actually this is about configuring Apache server to allow it to
> communicate
> > with LDAP server, that is why i'm asking here, but of course I'll try to
> get
> > so help on PHP list.
> > Though, I heard about a ldaprc and ldap.conf file for apache? somebody
> can
> > give me informations about these files ? (what are they used for, and in
> > which folder do we have to put them ?(on windows server)
> > Thanks
> >
>
> .ldaprc is a per-user configuration file for using configuring the
> tools of openldap. It should be in your home directory.
> ldap.conf is a per-system configuration file for doing the same thing
> as .ldaprc. On Unix, it is installed in $PREFIX/etc/openldap/ldap.conf
> .
> Both these files can be used to supply configuration settings for
> connecting to an LDAP server.
>
> You never mention it is for apache to communicate with LDAP, you
> showed us your slapd.conf, some PHP code and an error from your PHP
> code.
>
> If you want to do apache authentication with LDAP, then you had better
> say so, say what you've tried, and provide the  appropriate error
> messages apache gives you.
>
> Cheers
>
> Tom
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message