
RE: Unknown CA error - replication



Buchan,

Are you sure it doesn't look at /etc/openldap/ldap.conf?  Regardless, I
tried your suggestion.  Creating a softlink in the config directory
(next to slapd.conf) to /etc/openldap/ldap.conf did not solve the
problem.  

Thanks,
Mike


McMaster, Michael wrote:
> Hello,
> 
> I have searched the list archives *exhaustively*, and it seems like I'm
> doing everything right... 
> 
> I am trying to set up replication between two LDAP servers.  Both use
> OpenLDAP 2.2.15, compiled with TLS support.  Using the OpenLDAP TLS
> howto as a guide, I created a self-signed CA certificate, and used it to
> create both the server and client certs.  I was careful to put each
> machine's FQDN in the subject field.  In my master's slapd.conf, I have:
> 
> TLSCertificateFile /etc/cert/newcert.pem
> TLSCertificateKeyFile /etc/cert/newreq.pem
> TLSCACertificateFile /etc/cert/demoCA/cacert.pem
> 
> In the client's /etc/ldap.conf, I included:
> TLS_CACERT /etc/cert/demoCA/cacert.pem

This should probably be the ldap.conf in the same directory as your 
slapd.conf (unless you have patched openldap to use a different location
or you have symlinks or similar), which I assume is not in /etc ...

Regards,
Buchan

-- 
Buchan Milne                      Senior Support Technician
Obsidian Systems                  http://www.obsidian.co.za
B.Eng                                RHCE (803004789010797)