[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Delta replication don't starts if consumer supports SSL?



--On Wednesday, February 06, 2013 6:33 PM -0200 paler cryptkeeper <paler.cryptkeeper@gmail.com> wrote:


Hi.

Today I had to set up two OpenLDAP instances (2.4.33), with delta
replication under SSL/TLS, something pretty common, I think.
The installation (from source), initializing and TLS support setup went
fine, and both, provider and consumer, started up without problems, and
searches did well on both, with ldapd and ldaps. However, the replication
never started. After a while (almost 2.5 hours!! and so many slapd.conf
files..) I tried to start the consumer without ldaps support, only ldap,
and the replication started perfectly! Is this normal? Could be something
with the config? The only thing that changed between a not working state
and a working one was that if 'slapd -d 256 -h "ldap:/// ldaps:///"' was
used, replication didn't start, and with only 'slapd -d 256' the
replication started normally.. I repeat that with the first option,
beside replication, everything else worked fine, even searches using
ldaps..Â
It's something I could not explain to or customer.. can someone explain
it to me? :)
Thanks!

Likely it couldn't negotiate the SSL connection. I would guess you failed to set the cert options in the syncrepl line. Since you provide no detail into your configuration, all I can do is guess.

--Quanah

--

Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration