[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Slurpd over SSL

To: Quanah Gibson-Mount <quanah@stanford.edu>
Subject: Re: Slurpd over SSL
From: Mark <mark@rusautogaz.ru>
Date: Thu, 20 Nov 2003 12:56:24 +0300
Cc: Estevam Viragh <estevamviragh@yahoo.com.br>, openldap-software@OpenLDAP.org
In-reply-to: <451006483.1069284171@cadabra-dsl.stanford.edu>
References: <20031120032347.62432.qmail@web21502.mail.yahoo.com> <451006483.1069284171@cadabra-dsl.stanford.edu>

Quanah Gibson-Mount wrote:

--On Thursday, November 20, 2003 12:23 AM -0300 Estevam Viragh <estevamviragh@yahoo.com.br> wrote:

TLS works for us.  Here is our MASTER's slapd.conf replica related def's:

# need to be changed - specific to server
# this is specific to HOSTNAME.stanford.edu
TLSCertificateFile      /etc/ldap/HOSTNAME.cert
TLSCertificateKeyFile   /etc/ldap/HOSTNAME.key
TLSCACertificateFile    /etc/ldap/comodo-full.pem

Is HOSTNAME.cert HOSTNAME.key comodo-full.pem in MASTER's slapd.conf differs from same files on REPLICA slapd.conf file?

replica         host=ldap9.stanford.edu:389
               tls=yes bindmethod=sasl

binddn=cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu saslmech=gssapi


Our ldap.conf (on both master and replica's) looks like:

BASE    dc=stanford, dc=edu

TLS_CACERT /etc/ldap/comodo-full.pem
TLS_CERT /etc/ldap/HOSTNAME.cert
TLS_KEY /etc/ldap/HOSTNAME.key
TLS_REQCERT try


Our REPLICA slapd.conf looks like:

# need to be changed - specific to server
# this is specific to HOSTNAME.stanford.edu
TLSCertificateFile      /etc/ldap/HOSTNAME.cert
TLSCertificateKeyFile   /etc/ldap/HOSTNAME.key
TLSCACertificateFile    /etc/ldap/comodo-full.pem

# Replica Directives

updatedn cn=replicator,cn=service,cn=applications,dc=stanford,dc=edu updateref ldaps://ldap-master.stanford.edu

Follow-Ups:
- Re: Slurpd over SSL
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

References:
- Slurpd over SSL
  - From: Estevam Viragh <estevamviragh@yahoo.com.br>
- Re: Slurpd over SSL
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: Slurpd over SSL
Next by Date: Re: alias ldif
Index(es):
- Chronological
- Thread