[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldap clients accessing ldap.conf

When an external client that uses the libldap library creates
a new ldap connection, should it load up configuration values from
the system ldap.conf file?

In my particular case, I want to set the "TLS_CACERTDIR" to my SSL
certificate directory so that it knows where to find my trusted certs.
The ldap* tools have no problem with this, however, I can not get 
auth_ldap (for Apache) or PHP to connect to the slapd server because
it can't verify the authenticity of the server's certificate.

Currently, the only way I can figure out how to do it now is to add functionality
in both PHP and auth_ldap to call ldap_int_tls_config and set LDAP_OPT_X_TLS_CACERTDIR
manually.  I don't want to do this if I don't have to. 

Can anyone help?