Zimbra and ldap_start_tls

[haloflightleader]

Hello Everyone,

 

I need your help. I don't know how to fix this problem. I'm trying to connect to Zimbra's (6.0.5) LDAP server.

 

When I run ldapsearch from the webserver that's supposed to host the web app I'm developing, it runs just fine:

ldapsearch -x -v -H 'ldap://hostname' -D 'uid=zimbra,cn=admins,cn=zimbra' -b "dc=com" "zimbraMailForwardingAddress=user@domain" mail -W | less

 

This means that the cacert I installed on this Linux server is working just fine.

 

However, when I try to do this in PHP:

$c = ldap_connect("hostname") or die("Peter cannot connect to LDAP server.");

ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, 3);

ldap_set_option($c, LDAP_OPT_REFERRALS, 0);

ldap_start_tls($c);

$bind = ldap_bind($c, $user, $pass);

 

I keep getting:

Mar 12 16:01:36 localhost httpd: PHP Warning:  ldap_start_tls() [<a href='function.ldap-start-tls'>function.ldap-start-tls</a>]: Unable to start TLS: Connect error in /var/www/html/ldap.php on line 14

Mar 12 16:01:37 localhost httpd: PHP Warning:  ldap_bind() [<a href='function.ldap-bind'>function.ldap-bind</a>]: Unable to bind to server: Can't contact LDAP server in /var/www/html/ldap.php on line 15

 

This is in /etc/openldap/ldap.conf:

TLS_CACERT      /etc/openldap/cacerts/ca.cer