0

Hi all
I am trying to set up LDAP over SSL using the Windows Ldp utility on a Windows 2008 R2 domain controller which is also the Enterprise root CA. When I try to bind securely using the IP address (192.168.0.2) I get the following error: "The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is 192.168.0.2. The SSL connection request has failed. The attached data contains the server certificate." However, when I use the computer's full name MTC-DC.domainname I bind securely. I am a newbie to Microsoft Certificates and all.
Any help please

Last Post by CimmerianX
2

It sounds like you used the computer's name in the subject line of the cert, which is fine. Therefore, connecting via the host name produces the results as expected. Connecting via any name other than what is in the cert will produce warnings/errors. I don't see an issue here.

0

The thing is, I am trying to connect via PHP and from there it's not binding even when I use the full computer name.

1

Unless I'm missing something... It doesn't matter what tool you are using; ultimately, you are still trying to establish a secure LDAP session using the FQDN on the cert.

A few things to remember: you need to trust the root CA (your CA server). If your PHP solution doesn't take this into account, you will get warnings.

Also, the PHP solution must use the name on the cert. IP addresses or NetBIOS names will not work.

Votes + Comments
Thanks for the reply. Apart from compiling PHP with LDAP enabled on Apache, is there something that I am supposed to do?
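The two checks raised in the reply above (the client must use a name that is on the certificate, and must trust the issuing root CA), sketched in PHP as an added example that is not code from any poster in this thread. The CA file path, bind account and environment variable are assumptions; the host name is the one quoted in the question.

```php
<?php
// Added example. $caFile, $bindDn and LDAP_BIND_PW are hypothetical values.
$host   = 'MTC-DC.domainname';                      // FQDN from the thread, never the IP
$caFile = '/etc/ssl/certs/enterprise-root-ca.pem';  // assumed: root CA cert exported as PEM
$bindDn = 'ldapreader@domainname';                  // assumed bind account
$bindPw = getenv('LDAP_BIND_PW') ?: exit("Set LDAP_BIND_PW (an empty password is not an authenticated bind)\n");

// Names the certificate is valid for: subjectAltName DNS entries, else subject CN.
// Exact matching only; wildcard certificates are not handled here.
function certNames(array $parsed): array {
    $names = [];
    foreach (explode(',', $parsed['extensions']['subjectAltName'] ?? '') as $entry) {
        $entry = trim($entry);
        if (stripos($entry, 'DNS:') === 0) $names[] = strtolower(substr($entry, 4));
    }
    if (!$names) {
        foreach ((array)($parsed['subject']['CN'] ?? []) as $cn) $names[] = strtolower($cn);
    }
    return $names;
}

// Step 1: read the server certificate on 636 to see which names it carries.
// Verification is off for this inspection only; no credentials are sent here.
$ctx = stream_context_create(['ssl' => [
    'capture_peer_cert' => true, 'verify_peer' => false, 'verify_peer_name' => false,
]]);
$sock = @stream_socket_client("ssl://$host:636", $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $ctx);
if (!$sock) exit("TLS connect failed: $errstr\n");
$cert = stream_context_get_params($sock)['options']['ssl']['peer_certificate'];
fclose($sock);
$names = certNames(openssl_x509_parse($cert));
if (!in_array(strtolower($host), $names, true)) {
    exit("Name mismatch: certificate is valid for " . implode(', ', $names) . "\n");
}

// Step 2: bind with full verification against the root CA.
// TLS options are library-wide, so set them (null link) before ldap_connect().
ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);
ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);
$ldap = ldap_connect("ldaps://$host:636");
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if (!@ldap_bind($ldap, $bindDn, $bindPw)) {
    ldap_get_option($ldap, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    exit('Bind failed: ' . ldap_error($ldap) . " ($detail)\n");
}
echo "Bound over LDAPS to $host\n";
```

If step 1 passes and step 2 fails, the name is correct and the remaining problem is trust: the PHP host does not have the root CA certificate at the configured path.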