----- "Alberto GD" <darkxer0x@esdebian.org> wrote:
> Hi!
> I've followed openldap.org's guide and ldap works great with TLS/SSL
> with authentication in server and clients. Now I have added an LDAP
> replica (ldap slave server), and I have some questions:
> - In the clients I had to make the certs with the server certificate
> (cacer.pem) of the master, because I check the server certificate, and
> also check the clients in the server. Now that I have a replica, I
> have to make other certs with the server certificate of the slave
> server (and how can I show two certificates to ldap.conf)?? (I
> followed this (http://www.openldap.org/pub/ksoper/OpenLDAP_TLS.html#4.3)) Or with the
> certificates made from server certificates it's sufficient??
>
> >Step 1 and 2: Do nothing ... the CA does not need to be created
> again. The plan is to use the same CA certificate to sign the client
> certificate.