[Samba] PHP ldap_start_tls

Lars Hanke debian at lhanke.de
Sun Jun 29 03:26:43 MDT 2014


Hi Stuart,

just guessing, since you do not provide proper logs and configs. But I 
think that your client (phpldapadmin) doesn't recognize the self-signed 
certificate - which actually is what it is expected to do.

So you have two options:

1) do without TLS - on a trusted network this doesn't hurt and doesn't 
lull you into imagined security from an accept anything configuration.

2) use openssl to set up a primitive CA, use one of those certs for 
samba and make known the CA cert to phpldapadmin. A little more 
complicated, but meets the idea of PKI security.

Regards,
  - lars.



More information about the samba mailing list