[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: syncrepl with ssl
Hi,
James <james@nttmcl.com> writes:
> Dieter Kluenter wrote:
>> "Dieter Kluenter" <dieter@dkluenter.de> writes:
>>
>>
>>> James <james@nttmcl.com> writes:
[...]
>>>>
>>> And what is the TLS part of the consumer slapd.conf looking like?
>>>
>>
>> Sorry, my fault, it should read ldap.conf
>>
>> -Dieter
>>
>>
> timelimit 120
> bind_timelimit 120
> idle_timelimit 3600
> nss_initgroups_ignoreusers
> root,ldap,named,avahi,haldaemon,postfix,messagebus
> URI ldaps://master.example.com
> BASE dc=example,dc=com
> ldap_version 3
> pam_password exop
> ssl on
> tls_ciphers HIGH:MEDIUM:+SSLv2:RSA
> tls_checkpeer no
> TLS_CACERT /etc/ssl/cacert.pem
> TLS_REQCERT allow
Most of this are not valid parameters for OpenLDAP. This file is a
mixture of pam_ldap.conf and openldap/ldap.conf
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6