[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Syncrepl over TLS for mirrormode



--On Friday, August 26, 2011 3:49 PM -0400 Daniel Qian <daniel@up247solution.com> wrote:


I can set two different certificates so that TLS is fine for sync between
the two nodes. However we will have regular Ldap client access these two
nodes behind a loadbalancer over TLS too. Obviously the client can't
connect with ldap-sid2.example.com, nor with ldap-sid1.example.com. So
what is the solution to this scenario? Setup a pool of consumers with
same hostname?

Set "subjectAltName" in your certs requests.

--Quanah


--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration