Trying to use SSL with LDAP authentication, I keep seeing connection attempts failing in the server log:
May 18 23:52:49 lemongrab slapd[5666]: conn=162733 fd=21 ACCEPT from IP=192.168.244.129:52174 (IP=0.0.0.0:636)
May 18 23:52:49 lemongrab slapd[5666]: conn=162733 fd=21 closed (TLS negotiation failure)
Works fine without SSL, and other applications are using SSL so I'm thinking it's a trust issue with the SSL certificate (which is signed by our internal CA.)
I'm using PHP 7, Laravel 5.2 and Adldap 2.
So, how do I specify a trusted CA cert for Adldap to use?
To avoid the security risk, you should get the certificate used by your OpenLDAP server, copy it to the server running PHP, and reference it in the /etc/ldap/ldap.conf file using:
TLS_CACERT /path/to/openldap/cacert.pem
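One way to check the client side after making this change, as an added example that is not part of the original answer: the script confirms that ldap.conf names a readable PEM CA file and also flags a TLS_REQCERT value of never or allow, an ldap.conf option the answer does not mention. The function names and the script name check.sh are hypothetical.

```shell
#!/bin/sh
# Added example: audit an OpenLDAP client ldap.conf for the CA trust setting.
# Function names are hypothetical helpers, not part of OpenLDAP or Adldap.

# Print the value of an ldap.conf keyword (keywords are case-insensitive,
# lines starting with '#' are comments). Assumption: the last occurrence wins.
ldap_conf_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        toupper($1) == key { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { print val }
    ' "$1"
}

# Return 0 if TLS_CACERT names a readable PEM file and TLS_REQCERT does not
# switch off verification of the server certificate; return 1 otherwise.
check_ldap_tls_conf() {
    conf="$1"
    rc=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 1; }

    cacert=$(ldap_conf_value "$conf" TLS_CACERT)
    reqcert=$(ldap_conf_value "$conf" TLS_REQCERT | tr 'A-Z' 'a-z')

    if [ -z "$cacert" ]; then
        echo "FAIL: TLS_CACERT is not set"; rc=1
    elif [ ! -r "$cacert" ]; then
        echo "FAIL: CA file not readable by this user: $cacert"; rc=1
    elif ! grep -q -- '-----BEGIN CERTIFICATE-----' "$cacert"; then
        echo "FAIL: $cacert contains no PEM certificate"; rc=1
    else
        echo "OK: TLS_CACERT $cacert"
    fi

    # 'never' and 'allow' let the session continue with an unverified server
    # certificate, which defeats the point of configuring a CA.
    case "$reqcert" in
        never|allow) echo "FAIL: TLS_REQCERT $reqcert"; rc=1 ;;
    esac
    return "$rc"
}

# Usage: sh check.sh /etc/ldap/ldap.conf   (run as the user PHP runs as)
if [ "$#" -gt 0 ]; then
    check_ldap_tls_conf "$1"
fi
```

Run it as the account the web server or PHP-FPM uses, since a CA file readable only by root produces the same "TLS negotiation failure" on the server side as a missing one.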