PHPLDAPAdmin Error: Could not start TLS. Please check your LDAP server configuration

We use phpLDAPadmin with OpenLDAP on Debian 9. We use Let's Encrypt certificates on OpenLDAP. Since the expiration of the IdenTrust DST Root CA X3, we experienced a shutdown of our LDAP system. We managed to make it work by updating the certificates and truststores, but it seems that phpLDAPadmin has not worked since then. When I try to connect with my admin user, I get:

Error: Could not start TLS. Please check your LDAP server configuration.
Unable to connect to LDAP server myldapdomain.com
Error: Can't contact LDAP server (-1) for user
Failed to Authenticate to server
Invalid Username or Password.

I used to have this configuration for TLS in the config.php file:

$servers->setValue('server','host','myldapdomain.com');
$servers->setValue('server','tls',true);

After searching a bit on the web, I changed the configuration to:

$servers->setValue('server','host','ldaps://myldapdomain.com');
#$servers->setValue('server','tls',true);

Which made it work somehow? I'm not sure why the old configuration is not working anymore. Is the new configuration secure? I suppose so, since we use ldaps://

PS: I checked with ldapsearch and openssl s_client and the certificate is OK on the LDAP server; I can connect.
