Drupal 7 – LDAPS Connection over SSL

I was working on some LDAP integration for a Drupal 7 project. Everything was smooth, and I was using the default PHP LDAP library. Things were fine, and I was connecting to our AD and LDS servers like a champ. Being an LDAP newbie, I was quite pleased with myself, but then our beloved SA informed me that I would have to bind via SSL (LDAPS).
This is where the problems began. My development environment is on a Windows box (XP, horrible, I know!) using XAMPP. No matter what I did, I was unable to bind. This may be obvious to a seasoned veteran who has dealt with SSL and LDAP, but being new to both, I had no idea what was going on.

The problem was with my local certificate.

There is a quick workaround, which is sufficient for my development purposes. Remember, this is a workaround, and essentially what you are doing is telling your local environment to “ignore the certificate.” Bells should be ringing in your head, as this is a security risk. If you’re doing development work, and don’t have the time to set up a proper certificate authority (CA), then you can do this, but be warned.

All you have to do is create a file at the following location:

C:\openldap\sysconf\ldap.conf

(If you search online for this path, you will see that this value is hardcoded. It is possible to change this location, but it’s beyond the scope of this post.)

In that file, add the following line:

TLS_REQCERT never

… and voila, you can bind with PHP ldap_bind to an ldaps URL.
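Because this setting is easy to forget once it works, here is a small checker that reports when an ldap.conf has certificate verification turned off. It is an added example, not part of the original post; the function names and the sample file contents are constructed for illustration, and it assumes that a later TLS_REQCERT line overrides an earlier one.

```python
# ldap.conf(5) levels under which a bad server certificate is still accepted.
WEAK_LEVELS = {"never", "allow"}

# Constructed sample: the workaround from this post plus a commented-out line.
SAMPLE_CONF = """\
# dev workstation config (constructed sample)
#TLS_REQCERT demand
TLS_REQCERT never
"""


def effective_reqcert(conf_text):
    """Return (level, line_no) for the TLS_REQCERT setting in effect.

    Returns ("demand", None) when the option is absent, since "demand"
    is the documented default.
    """
    level, line_no = "demand", None
    for n, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments are ignored
        parts = line.split(None, 1)
        # Option names are case-insensitive in ldap.conf.
        if len(parts) == 2 and parts[0].upper() == "TLS_REQCERT":
            # Assumption: a later line overrides an earlier one.
            level, line_no = parts[1].strip().lower(), n
    return level, line_no


def audit(conf_text):
    """Return a finding string if verification is disabled, else None."""
    level, line_no = effective_reqcert(conf_text)
    if level in WEAK_LEVELS:
        return ("line %d: TLS_REQCERT %s disables server certificate "
                "verification" % (line_no, level))
    return None


if __name__ == "__main__":
    import sys
    # Pass the path to an ldap.conf, or run with no argument for the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CONF
    print(audit(text) or "OK: server certificate is verified")
```

Run it against the ldap.conf on any machine that connects to a real directory; a finding there means the development workaround has been carried over.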