On Wed, Sep 04, 2002 at 02:26:49PM +0200, Søren Henning Dalgaard wrote:
> I can make an ldap_connect with the ldaps://hostname/ parameter but what
> next:
> How can make an ldap_bind command?
> How can I encrypt and decrypt the data?

When using ldaps:// all communications are through SSL, you do bind
etc as usual and your data will be tunneled through SSL.

> How do I specify a key/certificate for encrypting and decrypting?

For SSL and the necessary encryption you only need a certificate at
the server. It seems you have done this, that is enough for the
communications to be encrypted. You may want to give your client a
certificate for the CA that signed the server certificate, see my
mail on LDAP and SSL on php-general from Aug 26th (and the mail I
replied to). It is also possible to give the client a certificate if
you want the server to know which client it is talking to.

For details on LDAP and SSL I suggest you look at OpenLDAP docs, in
OpenLDAP list archives etc. Doing SSL with OpenLDAP is the same
when using PHP and other tools. Using ldaps:// in the connect is
similar to using -H ldaps:// to OpenLDAP tools like ldapsearch etc.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to