
Secure replication via TLS/SSL



Hello all,

I am using openldap-2.1.3 on Solaris 9 and have set up master and slave instances to operate on high ports to be able to start it as non-root.

The master log has the following directive:

replica host=somemachine.columbia.edu:9050
       binddn="cn=replicator,dc=myorg,dc=org"
       bindmethod=simple credentials=xxxxx
       tls=yes

1) If the master is started with ldaps:// and the slave is ldap://, the replication works, but I am still not convinced that the data is passed securely using TLS. I tried logging this communication with a high debug level, but it is still unclear if the tls=yes makes any difference.
2) If both are ldaps://, the replication does not work.


I would appreciate any info on this!
- James