Secure LDAP Problem

[saf]

Hi,

I managed to get LDAP working on my server, I realized that in order to change a user's password on Active Directory, I need to make a secure connection to LDAP (This is where the problem comes in).

 

Here is what I have done so far:

1.) Enabled "php_ldap.dll" in php.ini

2.) Copied required dll's into the system path

3.) Created an SSL certificate using SelfSSL

4.) Exported the certificate using Certificate Authority

5.) Converted the certificate from .cer to .pem using OpenSSL

6.) Created "C:\OpenLDAP\sysconf" directory

7.) Created "ldap.conf" in the above mentioned directory

8.) Entered the following lines in ldap.conf:

TLS_REQCERT never

TLS_CACERT C:\OpenLDAP\sysconf\certs\certificate.pem

TLS_CACERTDIR C:\OpenLDAP\sysconf\certs

9.) Restarted the server

 

The environment I am running on:

Windows Server 2003 R2 Standard Edition /w SP2

IIS 6.0

PHP 5.2.3

 

Actual Problem:

I can neither bind using the "ldaps://" protocol nor can I establish ldap_start_tls($conn). Binding with "ldap://" works fine, but will not let me change password in a non-secure mode.

 

I need to implement this system asap, so any and all help will be greatly appreciated.