Title: Issues with LDAPS
Last modified: August 3, 2018

---

# Issues with LDAPS

 *  [sg83](https://wordpress.org/support/users/sg83/)
 * (@sg83)
 * [7 years, 10 months ago](https://wordpress.org/support/topic/issues-with-ldaps/)
 * Hello,
 * I’m trying to connect from the NADI plugin to my Windows Active Directory domain
   controllers via LDAPS and having no success. Just a little background… CentOS
   7 server running PHP 7.1 and latest WordPress version. Trying to connect to Server
   2012 R2 domain controllers via LDAPS. Things I’ve tried/ruled out:
 * 1) I’ve confirmed I have configured LDAPS fine on my domain controllers (generated/installed
   certs, and confirmed I’m able to use LDAPS from a different server: my Barracuda
   appliance). So, in general, LDAPS is prepped and ready.
 * 2) I’ve confirmed from my CentOS 7 WordPress server that I can reach my domain
   controllers over all the essential LDAP/LDAPS ports: 389, 636, 3268, 3269 by
   using nc (netcat).
 * 3) I’ve followed this guide to the best of my ability: [https://active-directory-wp.com/docs/Networking/Encryption_with_TLS.html](https://active-directory-wp.com/docs/Networking/Encryption_with_TLS.html)
   and had no success. I was able to query my domain controller for its certs just
   fine using the command: `openssl s_client -debug -connect $DOMAIN_CONTROLLER:636 -showcerts`
 * 4) I believe I have ruled out SELINUX being the cause, as the issue happens whether
   in permissive mode or not.
 * 5) Regular LDAP without encryption works fine, so that confirms I have all my
   connection settings configured properly in the NADI plugin.
 * Regardless of what I try, the NADI logs show that LDAPS results in a “bind to
   Active Directory failed” and “AD: Can’t contact LDAP server”. My best guess is
   that it is still struggling with my domain controller’s self-signed certificate.
   Again, I followed the NADI manual to the best of my ability… must be missing 
   something… any help would be appreciated. Thanks!

Viewing 5 replies - 1 through 5 (of 5 total)

 *  [sksoftwaredev](https://wordpress.org/support/users/sksoftwaredev/)
 * (@sksoftwaredev)
 * [7 years, 10 months ago](https://wordpress.org/support/topic/issues-with-ldaps/#post-10589361)
 * I’ve been having the same issue, but so far haven’t made any progress. Any luck
   yourself?
 *  Thread Starter [sg83](https://wordpress.org/support/users/sg83/)
 * (@sg83)
 * [7 years, 10 months ago](https://wordpress.org/support/topic/issues-with-ldaps/#post-10589418)
 * Yessir. After much googling I was able to fix the problem by editing:
 * /etc/openldap/ldap.conf
 * And adding “TLS_REQCERT allow”
 * That fixed LDAPS for me with self-signed certs.
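
Added example, not part of the thread: per ldap.conf(5), `TLS_REQCERT allow` lets the session proceed even when the server's certificate fails verification, so the alternative for a self-signed or private-CA certificate is to trust it through `TLS_CACERT` and leave `TLS_REQCERT` at `demand`. The script below audits a client config for weakened levels; the function name, both sample configs and the CA path are constructed placeholders.

```shell
#!/bin/sh
# Added example: flag ldap.conf settings that weaken server-certificate checks.
# TLS_REQCERT levels per ldap.conf(5):
#   never       certificate is not requested or checked
#   allow       a bad certificate is ignored, the session proceeds
#   try         a bad certificate is rejected, a missing one is accepted
#   demand/hard a valid certificate is required (the default)

# audit_ldap_conf FILE: prints findings, returns 1 if any weak level is set.
audit_ldap_conf() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }              # skip blank lines and comments
        { key = toupper($1); val = tolower($2) }   # option names are case-insensitive
        key == "TLS_REQCERT" && (val == "never" || val == "allow" || val == "try") {
            printf "WEAK line %d: TLS_REQCERT %s\n", NR, val
            weak = 1
        }
        key == "TLS_CACERT" || key == "TLS_CACERTDIR" { ca = 1 }
        END {
            if (!ca) print "NOTE: no TLS_CACERT or TLS_CACERTDIR configured"
            exit (weak ? 1 : 0)
        }
    ' "$1"
}

# Constructed sample 1: the setting described in the thread.
weak_conf=$(mktemp)
printf '%s\n' '# constructed sample' 'TLS_REQCERT allow' > "$weak_conf"

# Constructed sample 2: verification stays on, the issuing CA is trusted explicitly.
# The path is a placeholder for wherever the CA (or self-signed) certificate is stored.
strict_conf=$(mktemp)
printf '%s\n' 'TLS_CACERT /path/to/issuing-ca.pem' 'TLS_REQCERT demand' > "$strict_conf"

trap 'rm -f "$weak_conf" "$strict_conf"' EXIT

for f in "$weak_conf" "$strict_conf"; do
    if audit_ldap_conf "$f"; then echo "OK: verification enforced"; fi
done
```
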
 *  [sksoftwaredev](https://wordpress.org/support/users/sksoftwaredev/)
 * (@sksoftwaredev)
 * [7 years, 10 months ago](https://wordpress.org/support/topic/issues-with-ldaps/#post-10589448)
 * Rats. Still no dice for me.
 * Are you using a cert published by your domain controller itself? We purchased
   a third-party cert (GoDaddy, if that’s important).
 *  Thread Starter [sg83](https://wordpress.org/support/users/sg83/)
 * (@sg83)
 * [7 years, 10 months ago](https://wordpress.org/support/topic/issues-with-ldaps/#post-10589461)
 * I created all my certs on OpenSSL from my CentOS 7 server. I created a wildcard
   cert to use on my DCs and I created a cert to use on my CentOS 7 server for my
   Apache virtual host.
 * Have you confirmed all the basics? Disabled SELINUX or set it to permissive? 
   Confirmed from Linux directly that you can communicate with the LDAPS ports on
   your DCs?
 *  [sksoftwaredev](https://wordpress.org/support/users/sksoftwaredev/)
 * (@sksoftwaredev)
 * [7 years, 10 months ago](https://wordpress.org/support/topic/issues-with-ldaps/#post-10589464)
 * I should specify that I’m using Windows Server 2016, not Linux. Your issue sounded
   so similar to mine that I suppose I overlooked that, haha.


The topic ‘Issues with LDAPS’ is closed to new replies.

 * 5 replies
 * 2 participants
 * Last reply from: [sksoftwaredev](https://wordpress.org/support/users/sksoftwaredev/)
 * Last activity: [7 years, 10 months ago](https://wordpress.org/support/topic/issues-with-ldaps/#post-10589464)
 * Status: not resolved