Re: ssl syncing problem

[Andrew Findlay <andrew.findlay@skills-1st.co.uk>]

On Mon, Sep 01, 2003 at 02:42:49PM +0200, Michal Gubik wrote:

> I tried to search thru mailing list but found nothing... I am running 
> slapd on both ssl and normal port but they dont seem to sync each other 
> untill I restart the deamon ... I mean that I add an entry and can look 
> it up only by ssl or vice versa ... everything seems to be ok once I 
> restart the deamon? Any help?

It sounds as if you are running two separate copies of the daemon,
both accessing the same database. Thie is not a good thing to do!
slapd can bind to as many ports as you like, just specify the list of
URLs as the argument to the -h flag. The URLs should be separated by
spaces, so you will need to quote them, e.g.:

	-h 'ldap:/// ldaps:/// ldapi:///'

That will cause slapd to listen for normal LDAP, LDAP-over-ssl, and
LDAP-over-local-socket.

Note that you must have the certificate parameters set up in the
config file before you can do SSL. Note also that you do not need to
use ldaps for secure connections: it is better these days to use plain
LDAP with TLS (though there may still be clients that do not support
that).

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------