Re: Replication setup problem

[Sergio Pereira <sergio@rnet.ryerson.ca>]

That was I meant :-) . I'm trying to know if my TLS is working or not
even if I use plaintext in slapd.conf file. The file itself is readable
by root/ldap users. Using the option TLS=YES will guarantee that the
channel between Master and Slave is encrypted ? What else can be done to
improve the communication security between servers?

here is my 'replica' in my slapd.conf (master):

replogfile /var/lib/ldap/ldapreplication
replica host="slave.example.com:389"
        tls=yes
        binddn="cn=manager,dc=example,dc=com"
        bindmethod=simple
        credentials= secret

thx all,




On Thu, 2004-05-20 at 02:47, Luca Scamoni wrote:
> Communication security is achieved encrypting the channel through TLS or
> other encryption methods.
> Password encryption in a configuration file would save you only by someone
> that can access the file itself. If the file is readable by root only and
> someone can read it, I believe you have other things to worry about...
> 
> Sergio Pereira disse:
> > Great! it's working now but .. I don't want to put the password in
> > plaintext.. can't I sue SSA or something similar? I want to make the
> > communication between Master and Slave secure.
> >
> > thx
> >
> > sergio
> >
> >
> > On Wed, 2004-05-19 at 14:48, Pierangelo Masarati wrote:
> >> put the replicator's credentials in plaintext and it'll likely work.
> >>
> >> p.
> > --
--