[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL/KerberosV, SSL/TLS and replication...
I have replication over TLS, and it works fine. I added the two related slapd.conf directives, and
compiled OpenLDAP 2.0.7 with OpenSSL. I used the CA.sh script that came in the /usr/lib/ssl/misc
directory to make my own CA and certificate. I can help you out more if you tell me specifically
what you are trying to do. Do you want to use replication using SASL/GSSAPI? If so, I can't be of
help.
Turbo Fredriksson wrote:
> I'm just a foot or so from full LDAPv3 implementation on my
> production server. Now all I have to work out, is secure replication.
>
> So far I've got to this:
> "http://www.bayour.com/kerberos/Kerberos-MiniHOWTO.html#16.Setting up secure replication|outline"
>
> The problem is that I get a reject...
>
> ----- s n i p -----
> ERROR: DSA is unwilling to perform
> replica: localhost:3391
> [etc]
> ----- s n i p -----
>
> Any ideas? There is a ticket befor starting slurpd (I even tried stopping
> slurpd, and running it from the shell with -o).
>
> --
> Turbo __ _ Debian GNU Unix _IS_ user friendly - it's just
> ^^^^^ / /(_)_ __ _ ___ __ selective about who its friends are
> / / | | '_ \| | | \ \/ / Debian Certified Linux Developer
> _ /// / /__| | | | | |_| |> < Turbo Fredriksson turbo@tripnet.se
> \\\/ \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden