Hello,

I am attempting to connect to an LDAPS server from php in apache, and I can't get it to work. Here is some information:

[root@system html]# cat /etc/redhat-release 
Scientific Linux release 6.1 (Carbon)

When I run the file in the CLI, I get a successful bind and connection to the ldap server - it works as expected.

However, when I load the EXACT same code in a browser through apache, I get a "cannot bind" error.  Here is some output I get, when I set "ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);" in the code:

ldap_create
ldap_url_parse_ext(ldaps://[redacted].ca)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP [redacted]:636
ldap_new_socket: 51
ldap_prepare_socket: 51
ldap_connect_to_host: Trying [redacted]:636
ldap_pvt_connect: fd: 51 tm: -1 async: 0
TLS: could not initialize moznss - error -8192:Unknown code ___f 0.
TLS: could perform TLS system initialization.
TLS: error: could not initialize moznss security context - error -8192:Unknown code ___f 0
TLS: can't create ssl handle.
ldap_err2string
ldap_err2string


I have also used the exact same code on an apple laptop running apache and it works fine. I have changed the URL to point to an ldap:// uri and that works fine as well. I suspect there is something screwy with the ssl implementation for apache specific to this version...?

In any case, I haven't a clue how to proceed. I cannot find this anywhere on google, but maybe my google-fu isn't up to snuff today.

Thanks for any help! If I find a solution on my own I'll reply to this message for future readers ;)

Christopher Tooley
[log in to unmask]
Systems, HEP/Astronomy UVic