How to get LDAP StartTLS working from within Docker container?

[dsclassen]

My LDAP server is configured to only allow TLS connections.
I have mounted the CA certificate and ldap.conf files into the docker container in an effort to get $ldap_starttls = true; to work:

docker run -d -p 8888:80 -v ./conf/ssp.conf.php:/var/www/conf/config.inc.local.php -v ./ldap/ldap.conf:/etc/ldap/ldap.conf -v ./ldap/ourCA.crt:/etc/ldap/certs/ourCA.crt  ltbproject/self-service-password:latest

but obviously this isn't helping...

[Mon Aug 05 19:50:57.206218 2024] [php:notice] [pid 20] [client 192.168.1.104:48244] Module Zxcvbn successfully loaded, referer: https://example.com/ssp-test?action=sendtoken
[Mon Aug 05 19:50:57.217688 2024] [php:warn] [pid 20] [client 192.168.1.104:48244] PHP Warning:  ldap_start_tls(): Unable to start TLS: Connect error in /var/www/vendor/ltb-project/ldap/src/Ltb/PhpLDAP.php on line 31, referer: https://example.com/ssp-test?action=sendtoken
[Mon Aug 05 19:50:57.217698 2024] [php:notice] [pid 20] [client 192.168.1.104:48244] LDAP - Unable to use StartTLS, referer: https://example.com/ssp-test?action=sendtoken

[findlayfeng]

LTS or StartTLS ?
These are two different ways
For TLS connection configuration, just use ldaps://xxx to configure the address. There is no need to enable StartTLS.