[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Slurpd and TLS/SSL

To: openldap-software@OpenLDAP.org
Subject: Re: Slurpd and TLS/SSL
From: jseymour@linxnet.com (Jim Seymour)
Date: Thu, 13 Oct 2005 14:39:21 -0400 (EDT)
In-reply-to: <434E9A39.7090308@symas.com>

Howard Chu <hyc@symas.com> wrote:
> 
[snip]
> 
> All that matters is that both servers are properly configured to 
> recognize/accept each other's certs. However, it's usually a bad idea to 
> use self-signed certs for servers. Any time you need to use more than 
> one cert you should create an actual CA cert and use it to sign all the 
> others that you'll use.
[snip]

All in good time.  But thanks for the suggestion.

> Remember that slurpd is an LDAP client, not an LDAP server. It only 
> extracts a few bits of info out of slapd.conf, the rest of its 
> configuration (including TLS parameters) must be set via ldap.conf.

Got here O'Reilly's "LDAP System Administration" (now rather
out-of-date, but still useful) and the OpenLDAP.org admin guide.
Neither mentions anything about ldap.conf in relation of replication.

Is now the point at which I mention I'm more confused than ever?

Jim

Follow-Ups:
- Re: Slurpd and TLS/SSL
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: Slurpd and TLS/SSL
  - From: Howard Chu <hyc@symas.com>
- Re: Slurpd and TLS/SSL
  - From: jseymour@linxnet.com (Jim Seymour)

References:
- Re: Slurpd and TLS/SSL
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Slurpd and TLS/SSL
Next by Date: Re: Slurpd and TLS/SSL
Index(es):
- Chronological
- Thread