On Thu, 2009-02-26 at 14:56 -0800, Howard Chu wrote:
> > In 2.4, if you configure syncrepl over TLS and omit the new options,
> > does OpenLDAP use the values that are configured for the server
> > certificate settings (TLS*), if any?
>
> That's already explicitly stated in the slapd.conf(5) manpage.
>
> > If so, I'm confused as to why it
> > failed for me originally.
>
> I have no idea, it works for me.

Meh!
Craig:
Try issuing two certs for your replica. One for the "server"
services, one for the "client" service.
Sign them both by the same Root CA, or two different intermediary CAs
(which you can daisy chain), but differentiate them with Netscape
Certificate Use extensions for your own reference
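
The two-certificate layout suggested above, as an added example that is not part of the original thread: one root CA signs a "server" and a "client" certificate for the same replica, and `openssl verify -purpose` shows each being refused in the other role. It assumes the `openssl` CLI and reads the "Netscape Certificate Use extensions" as OpenSSL's `nsCertType`; the CA name, host name and file names are constructed.

```sh
#!/bin/sh
# Added example; CA and host names are constructed, nothing here is from the thread.

# make_pki DIR: throwaway root CA plus a "server" and a "client" certificate
# for the same replica, differing only in the Netscape cert type extension.
make_pki() {
    d=$1
    cat > "$d/pki.cnf" <<'EOF' || return 1
[ req ]
# -subj supplies the DN; this line only satisfies the mandatory setting
distinguished_name = req
[ ca_cert ]
basicConstraints = critical, CA:TRUE
[ server_cert ]
basicConstraints = CA:FALSE
nsCertType = server
[ client_cert ]
basicConstraints = CA:FALSE
nsCertType = client
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -config "$d/pki.cnf" \
        -extensions ca_cert -subj "/CN=Example Root CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null || return 1
    for role in server client; do
        openssl req -new -newkey rsa:2048 -nodes -config "$d/pki.cnf" \
            -subj "/CN=replica.example.com" \
            -keyout "$d/$role.key" -out "$d/$role.csr" 2>/dev/null || return 1
        openssl x509 -req -in "$d/$role.csr" -days 30 \
            -CA "$d/ca.pem" -CAkey "$d/ca.key" -CAcreateserial \
            -extfile "$d/pki.cnf" -extensions "${role}_cert" \
            -out "$d/$role.pem" 2>/dev/null || return 1
    done
}

# cert_ok_for DIR ROLE PURPOSE: succeeds when the role's certificate chains
# to the CA and is acceptable for PURPOSE (sslserver or sslclient).
cert_ok_for() {
    openssl verify -CAfile "$1/ca.pem" -purpose "$3" "$1/$2.pem" >/dev/null 2>&1
}

PKI_DIR=$(mktemp -d) || exit 1
make_pki "$PKI_DIR" || exit 1
for role in server client; do
    for purpose in sslserver sslclient; do
        if cert_ok_for "$PKI_DIR" "$role" "$purpose"; then verdict=accepted
        else verdict=rejected; fi
        echo "$role.pem as $purpose: $verdict"
    done
done
```

On the replica, `server.pem` would sit behind the server certificate settings (TLS*) and `client.pem` behind the syncrepl TLS options the thread refers to.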