[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: syncrepl not syncing [ CSN older or equal to ctx ]
Duncan Brannen wrote:
I now have a different problem with the slave not recognising the
master's certificate
TLS trace: SSL3 alert write:fatal:unknown CA
I'm wondering if I've a mix of ssl libraries in there someplace (debug
looks like it's reading the correct directive and the other slaves
work so it's not openldap)
There goes my afternoon ;)
Cheers,
Duncan
In case anyone else has this problem and had the same chair/keyboard
breakdown I had,
I'd overwritten my ldap.conf file when I reinstalled and syncrepl (on
the client side at least) would seem to get it's
CA info from the /usr/local/etc/openldap/ldap.conf file rather than the
TLSCACertificateFile option in slapd.conf
On a related note, while the man page still mentions starttls for
syncrepl, the online admin guide doesn't
http://www.openldap.org/doc/admin24/slapdconfig.html#syncrepl
Is this a hint to get people using sasl instead of simple?
Cheers,
Duncan