Hi I am trying to build a network of ldap nodes sync with syncrepl using x509 certificates. I ran into a problem when I setup the first slace node, I create a certificate that did not have SSL Client purpose, but did have SSL Server purpose - I am presuming it is this, because 2 certificates made exactly the same way, 1 fails - the non SSL Client and the other works the one that has the SSL Client purpose. I am presuming that I need both purposes SSL Server and SSL Client - the former to allow ldaps usage and the later for making ldap request and being a client in a syncrepl scenario. Is there a) a way to specify another certificate to use in the syncrepl config b) a way to not check for the SSL Client purpose in the certificate For now I am going to create on that has both purposes ... Alex -- "As you can possibly see, I have an injury myself—not here at the hospital, but in combat with a cedar. I eventually won. The cedar gave me a little scratch." - George W. Bush 01/01/2006 San Antonio, TX After visiting with wounded veterans from the Amputee Care Center of Brooke Army Medical Center
Attachment:
signature.asc
Description: Digital signature