[Date Prev][Date Next]
Re: Secure Replication in a Redundant System
--On Tuesday, August 17, 2004 6:28 PM +0800 Louis Casambre
I've been working on putting together a secure LDAP system with multiple
slaves for redundancy. So far so good, we now have 1 master and 3 slaves
with their clients capable of querying any of them using TLS and
Now I'd like use a DNS entry like ldap.mydomain.com so that the load will
"evenly" distribute among them. My problem is that would I have to change
the SSL certificates to match their generic FQDN, but then how would I
refer to them for replication?
You could simply use SASL/Kerberos for the replication, which will be
secure as well, rather than SSL for that bit.
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html