[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl 2.4 issue from 2.3 master

To: Quanah Gibson-Mount <quanah@zimbra.com>
Subject: Re: syncrepl 2.4 issue from 2.3 master
From: FRLinux <frlinux@gmail.com>
Date: Thu, 29 Oct 2009 01:09:15 +0000
Cc: openldap <openldap-software@openldap.org>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=pNo+PG3mW04avFpW2jyQTIJ27XyC1ctUOEOJeiwm79g=; b=XtiJbSntQJl/0eVFqUdTcC5l1n/hgY13iXVc2kGgKmrMINF/twu25L36xPb+GyoZhH VMO4oZiygG3LcBRakI61AE3WlhcCtdR0cPYHSZcDidyIKyQMRzgp5qZV8QBuwGKgUw/M pUcHjX6YBrCiFUJcCrWNP/TqWRqNqcYqLbvec=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=lZQhxP+itb9oiOgObFKJhYGOQMjgZBZ98Ufdppxnm5Q/uXMPEBx4woQ9JpRJSOWU08 nyQCAy2RUiBW1xnpfMtghsIB/sw8X94XuZH4+pvfkERxdwjE0frGPjqmnEO5uTLAFZlK 1GMJUrPTReiqA8NJkufbwvI4/jjDToIht7uBU=
In-reply-to: <a8139f990909250054n5bb576cbpd9eed5c511f4dac6@mail.gmail.com>
References: <a8139f990909180929j42333d6ej3df60f34921564df@mail.gmail.com> <85BFAE609A5FD6079FB960C0@192.168.1.199> <a8139f990909240251l56a2c68ctcbcbf9f6b13b3347@mail.gmail.com> <a8139f990909250054n5bb576cbpd9eed5c511f4dac6@mail.gmail.com>

On Fri, Sep 25, 2009 at 7:54 AM, FRLinux <frlinux@gmail.com> wrote:
> On Thu, Sep 24, 2009 at 10:51 AM, FRLinux <frlinux@gmail.com> wrote:
>> Hello, I am back again on that one as I cannot get it to work.
>>
>> I am getting:
>>
>> main: TLS init def ctx failed: 1
>> slapd destroy: freeing system resources.
>> slapd stopped.
>> connections_destroy: nothing to destroy.
>>
>> This is my replication config on the slave (2.4 on Debian):
>>
>> syncrepl rid=124 \
>> provider=ldaps://masterldap.example.com:636 \
>> type=refreshAndPersist  \
>> searchbase="dc=example,dc=com" \
>> scope=sub \
>> filter="(objectClass=*)" \
>> attrs="*" \
>> schemachecking=off \
>> tls_cacert=/etc/ldap/cert/cacert.pem \
>> bindmethod=sasl \
>> saslmech=GSSAPI \
>> binddn="cn=LDAPReplicator,dc=example,dc=com" \
>> credentials=xxxxxx
>>
>> Anything I might be doing wrong?
>
> Anyone please?
>

I have tried many options on saslmech, etc... and still cannot use ssl
directly on port 636 using the new syncrepl options (where you specify
your certs straight in the syncrepl section).

So, am I right in the following assumption that syncrepl now only
supports TLS instead of plain old SSL ?

Please respond to this, I need to get this working...

Cheers,
Steph

Follow-Ups:
- Re: syncrepl 2.4 issue from 2.3 master
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

Prev by Date: Re: Mirror Mode, replicas and delta-syncrepl
Next by Date: SSL strangeness
Index(es):
- Chronological
- Thread