[Date Prev][Date Next]
SSL redundancy through an F5
- To: OpenLDAP-software@OpenLDAP.org
- Subject: SSL redundancy through an F5
- From: Chris Lundell <email@example.com>
- Date: Thu, 27 Jan 2005 09:52:20 -0500
- Organization: Burlington Coat Factory
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225
Has anyone had any experience in getting multiple LDAP daemons to run
SSL under an F5?
I'm using the "lowest" form of encryption - i.e., with no client-side
verification. I only want to use a certificate and its key.
In "slapd.conf", I have the following directives:
In "/etc/ldap.conf", I have "host" as "ldap-devel.coat.com", which
points to a F5 pool (of the same name), which then distributes requests
to two OpenLDAP daemons. The only ssl/tls directive activated in
"/etc/ldap.conf" is "ssl on". I generated a new certificate with a
common name of "ldap-devel.coat.com" for both OpenLDAP daemons and this
didn't work. I initiate "slapd" with "-h ldap:/// ldaps:///". I don't
want to supply multiple hosts in "/etc/ldap.conf".
My question may be more appropriate for another mailing list, but I
thought I'd start here first. Thanks in advance for any advice.