
RE: TLS with multiple LDAP servers



Hi, Julien;

I had almost the same question a few months back.  It was recommended to me
to use wildcard certificates.  Though my configuration is a Multi-Master and
not a true master/slave.  

John

-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org
[mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Julien Courtès
Sent: Wednesday, March 12, 2014 11:58 AM
To: openldap-technical@openldap.org
Subject: TLS with multiple LDAP servers

Hi,
I have two LDAP servers in master-slave:
ldap1.domain.com - master
ldap2.domain.com - slave
These servers have different IP addresses and are hosted on different servers.
But I want to enable TLS connections with clients.
So can I create a unique certificate that I put on both servers and the
client will use one unique certificate to connect to server "ldap1" or
"ldap2" if the first one is down?

If not, what should I do?
I did a search and I found that I can use subjectAltNames or a wildcard
certificate.

Thanks

Julien Courtès
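
Added example (not part of the original thread, and not OpenLDAP's own code): a simplified sketch of RFC 6125-style name matching, showing which hostnames a client would accept for the two certificate options mentioned above. The name lists and host list are constructed, and the matcher handles only exact names and a whole left-most "*" label.

```python
# Simplified dNSName matching: exact names and a single left-most "*" label.
# Partial wildcards such as "ld*.domain.com" are treated as literals here.

def name_matches(pattern: str, host: str) -> bool:
    """Return True if one certificate dNSName entry covers the given host."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # a wildcard never spans more than one label
    if p_labels[0] == "*":
        # Require two literal labels after "*" so "*.com" is rejected.
        if len(p_labels) < 3 or not h_labels[0]:
            return False
        return p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def cert_covers(dns_names, host: str) -> bool:
    """True if any dNSName in the certificate matches the host the client dialed."""
    return any(name_matches(name, host) for name in dns_names)


def coverage_report(dns_names, hosts):
    """Map each host to whether the certificate's names cover it."""
    return {host: cert_covers(dns_names, host) for host in hosts}


# Constructed name sets for the two options named in the thread.
SAN_CERT = ["ldap1.domain.com", "ldap2.domain.com"]  # one cert, two SAN entries
WILDCARD_CERT = ["*.domain.com"]                      # one wildcard cert

# Constructed hosts a client might be configured with.
HOSTS = [
    "ldap1.domain.com",
    "ldap2.domain.com",
    "ldap3.domain.com",    # not an LDAP server in the thread's setup
    "a.ldap1.domain.com",  # two labels below the domain
    "domain.com",          # bare domain
    "192.0.2.10",          # client configured with an IP, not a name
]

if __name__ == "__main__":
    for label, names in (("SAN", SAN_CERT), ("wildcard", WILDCARD_CERT)):
        for host, ok in coverage_report(names, HOSTS).items():
            print(f"{label:8} {host:20} {'match' if ok else 'NO MATCH'}")
```

Both certificates cover ldap1 and ldap2, but the wildcard also covers every other single-label host under domain.com, while the SAN certificate is limited to the names listed in it.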
