
Improve readme for TLS connect & public CA certificates

Open · fredericgermain opened this issue 1 year ago · 0 comments

Hi,

I improved the README.md to have PLA work with an OpenLDAP with enforced TLS, but with a public certificate configured (like Let's Encrypt).

This doesn't really fix https://github.com/osixia/docker-phpLDAPadmin/issues/74, but at least it explains a way to make it work in the readme.

There were at least two pain points:

StartTLS vs TLS

The TLS example in the README.md uses `{'tls': True, 'port': 636}`. This actually makes PLA connect on port 636, but using the StartTLS method.

=> To fix that, without patching PLA, the only way I found is using the full URI `ldaps://ldap.example.org`. I think such an example should be added to the README.md, and it should be made clearer that StartTLS is used on `'tls': True` (bad API design in PLA IMHO).

CA certificates bundle

It would make sense for me to use `PHPLDAPADMIN_LDAP_CLIENT_TLS=false`, but I found that in that case `/etc/ldap/ldap.conf` points to a non-existent file, and there is no way to use TLS then, as it's not possible to configure the CA certificate (a `TLS_CACERT` config is required in `ldap.conf`).

I found that just overriding the CA certs with a volume works, so I added a section.

fredericgermain · Apr 20 '24 11:04
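The StartTLS-versus-implicit-TLS confusion above is easy to check from outside the container. The following is an added example, not code from this issue or from the docker-phpLDAPadmin project: it hand-encodes the one LDAP message a StartTLS client sends in cleartext (the StartTLS extended request from RFC 4511) and probes a host:port to report whether it speaks `ldaps://` (TLS handshake first), StartTLS (cleartext LDAP, then upgrade) or neither, validating the server certificate against a CA bundle the same way `TLS_CACERT` in `ldap.conf` would. Host, port and bundle path are hypothetical inputs the caller supplies; the sample responses in the comments are constructed from the protocol encoding, not captured from a real server.

```python
"""Probe an LDAP port for implicit TLS (ldaps://) versus StartTLS.

Added example, not code from the issue or from docker-phpLDAPadmin. It
hand-encodes the only LDAP message it needs (the StartTLS extended
request) so it runs with the standard library alone. Host, port and CA
bundle path are hypothetical inputs supplied on the command line.
"""
import socket
import ssl
import sys

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # RFC 4511 section 4.14


def ber_tlv(tag: int, payload: bytes) -> bytes:
    """Encode one BER TLV with a definite (short- or long-form) length."""
    n = len(payload)
    if n < 0x80:
        return bytes([tag, n]) + payload
    length = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(length)]) + length + payload


def starttls_request(message_id: int = 1) -> bytes:
    """LDAPMessage { messageID, ExtendedRequest { requestName = StartTLS OID } }.

    This is what a client configured for StartTLS sends in cleartext first.
    An ldaps:// listener expects a TLS ClientHello instead and drops it, which
    is why {'tls': True, 'port': 636} cannot work against such a listener.
    """
    if not 0 <= message_id < 0x80:
        raise ValueError("only single-byte message IDs are encoded here")
    msg_id = ber_tlv(0x02, bytes([message_id]))              # INTEGER
    request_name = ber_tlv(0x80, STARTTLS_OID.encode())      # [0] LDAPOID
    extended_req = ber_tlv(0x77, request_name)               # [APPLICATION 23]
    return ber_tlv(0x30, msg_id + extended_req)              # SEQUENCE


def read_tlv(buf: bytes, pos: int = 0):
    """Decode one TLV starting at pos; returns (tag, value, position after it)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                                         # long-form length
        count = first & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length


def parse_extended_response(buf: bytes) -> dict:
    """Extract messageID, resultCode and diagnosticMessage from an ExtendedResponse.

    Constructed success reply: 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00
    """
    tag, body, _ = read_tlv(buf)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, msg_id, pos = read_tlv(body)
    tag, op, _ = read_tlv(body, pos)
    if tag != 0x78:                                          # [APPLICATION 24]
        raise ValueError("not an ExtendedResponse (tag %#x)" % tag)
    _, code, pos = read_tlv(op)                              # ENUMERATED resultCode
    _, _matched_dn, pos = read_tlv(op, pos)                  # LDAPDN, unused here
    _, diag, _ = read_tlv(op, pos)                           # diagnosticMessage
    return {
        "message_id": int.from_bytes(msg_id, "big"),
        "result_code": int.from_bytes(code, "big"),
        "diagnostic": diag.decode("utf-8", errors="replace"),
    }


def probe(host: str, port: int, cafile: str, timeout: float = 5.0) -> str:
    """Return 'ldaps', 'starttls' or 'plaintext ...' for host:port, verifying against cafile."""
    ctx = ssl.create_default_context(cafile=cafile)          # same role as TLS_CACERT in ldap.conf
    # 1. Implicit TLS: handshake immediately, as an ldaps:// URI does.
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return "ldaps"
    except ssl.SSLCertVerificationError:
        raise                                                # TLS is there but the CA bundle is wrong: do not mask it
    except (ssl.SSLError, ConnectionError, EOFError, TimeoutError):
        pass                                                 # listener answered in cleartext; try StartTLS
    # 2. StartTLS: cleartext LDAP first, upgrade only on a success result.
    with socket.create_connection((host, port), timeout=timeout) as raw:
        raw.sendall(starttls_request())
        resp = parse_extended_response(raw.recv(4096))       # reply is tiny; one recv suffices
        if resp["result_code"] != 0:
            return "plaintext (StartTLS refused: %s)" % (resp["diagnostic"] or resp["result_code"])
        with ctx.wrap_socket(raw, server_hostname=host):
            return "starttls"


if __name__ == "__main__":
    h, p, ca = sys.argv[1], int(sys.argv[2]), sys.argv[3]
    print("%s:%d speaks %s" % (h, p, probe(h, p, ca)))
```

Run it as `python3 probe.py ldap.example.org 636 /etc/ssl/certs/ca-certificates.crt`: a result of `ldaps` means the PLA host entry needs the full `ldaps://` URI, `starttls` means `'tls': True` on that port is the right setting, and an `SSLCertVerificationError` from either branch means the CA bundle passed in (the file `TLS_CACERT` should point at) does not contain the issuer of the server's certificate.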