[ZendTo] Re: Anyone doing ZendTo on Solaris?
John Thurston
john.thurston at alaska.gov
Wed Jan 23 20:33:26 GMT 2013
I have the application running but am unable to get ldaps working. It is
failing to validate the certificate:
> Warning: ldap_start_tls(): Unable to start TLS: Connect error in /opt/ZendTo/lib/NSSLDAPAuthenticator.php
and
> TLS: can't connect: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate in certificate chain).
I'm running Solaris 10 and have used opencsw packages for:
CSWapache2
CSWap2-modphp5
CSWap2-modphp5
CSWphp5-sqlite
CSWphp5-ldap
CSWphp5-json
CSWphp5-pdosqlite
CSWphp5-openssl
CSWopenldap-client
with openssl, I can validate the cert on the directory server:
> openssl s_client -connect ldap.foo.us:636 -CApath /opt/csw/ssl/certs
but openssl will not validate the cert without the -CApath option. This
makes me think that PHP is also ignorant of where to find the root
certificates.
I can't figure out how or where to tell PHP to look at this directory of
hashed root certificates. Am I barking up the wrong tree? Can anyone
give me a clue?
--
Do things because you should, not just because you can.
John Thurston 907-465-8591
John.Thurston at alaska.gov
Enterprise Technology Services
Department of Administration
State of Alaska
More information about the ZendTo
mailing list