caFile/caPathc options should be available for LDAPS, not only for LDAP+TLS
If we have ldap+tls:// we can configure caFile or caPath parameter, but if we use ldaps:// these parameters are not taken into account. This is because of this code:
if ( $server =~ m{^ldap\+tls://([^/]+)/?\??(.*)$} ) {
$useTls = 1;
$server = $1;
$tlsParam = $2 || "";
}
else {
$useTls = 0;
}
...
if ($useTls) {
my %h = split( /[&=]/, $tlsParam );
$h{cafile} = $portal->{caFile} if ( $portal->{caFile} );
$h{capath} = $portal->{caPath} if ( $portal->{caPath} );
...
}
We should be able to define caFile and caPath even if not in useTls condition.