On Jul 10, 2006, at 6:24 AM, Jari Majander wrote:
Hello, I am trying to connect to an OpenLDAP server from Roundcube using SSL. However, the SSL connection is never properly initialized due to
error 81 from the LDAP server. If I tryopenssl s_client -connect ldap.example.com:636 -showcerts -state -ssl3 -CAfile cacerts.pem
This doesn't sound like a roundcube issue. What you probably need to
do is import the self signed cert/ca into your ca-bundle. This file
lists all the trusted sources for certs. If the cert cant be trusted,
the connection shouldn't be opened, thus you have the failure mode
you describe.
In the above example you're specifying a CAfile, if you don't do that
you'll see that openssl doesn't consider your self signed cert valid.
Depending on operating system you'll need to figure out where your
list of trusted certs is kept and append the PEM format of your CA to
it. Then, you should be able to connect via openssl without
specifying a CAfile and the php ldap bind should work. Backup files
before changing them :)
-- J.