
Replication problem using syncrepl with TLS (StartTLS)



Hi everybody,

I use replication between my OpenLDAP provider and an OpenLDAP consumer; I use syncrepl over a TLS connection. I managed to get it working... but now it doesn't want to work. I just rebooted the consumer and the replication does not want to work again.

Here is the log line I get:

slap_client_connect: URI=ldaps://provider.mydomain.net DN="cn=syncrepl,dc=mydomain.net" ldap_sasl_bind_s failed (-1)

My OpenLDAP servers use cn=config directives; on my consumer I have this:

olcSyncrepl: {0}rid=000 provider=*ldap://provider.mydomain.net*
searchbase=dc=mydomain.net
bindmethod=simple
binddn=cn=syncrepl,dc=mydomain.net
credentials=XXXXX
retry="60 +"
type=refreshOnly
interval=00:00:10:00
starttls=yes
tls_cert=/etc/ssl/certs/ca-cert.pem
tls_cacert=/etc/ssl/certs/ca-cert.pem
tls_key=/etc/ssl/private/ca-key.pem


If you want to see more of my configuration, have a look at my blog:
http://erralt.wordpress.com/2010/01/19/openldap-syncrepl-via-tls-ssl/

Any idea about this error?

ldap_sasl_bind_s failed (-1)

Thank you
Best regards

--
Germain Maurice
System Administrator
Tel: +33.(0)1.42.43.64.13
