[Date Prev][Date Next]
Re: failover config: servers with same DNS address and TLS, subjectAltName extension
Quanah Gibson-Mount <email@example.com> wrote:
> Just note that using SSL over port 636 is not a defined protocol, and may
> go away in the future. Avoidance of its use when possible recommended.
I have this in /etc/services:
ldaps 636/tcp ldap protocol over TLS/SSL (was sldap)
And checking the authoritative source confirms it's registered.
So what's wrong with LDAP/SSL over port 636?
> > Make sure rid is different on srv1 and srv2.
> RID only needs to be unique inside a single configuration (i.e., for a
> single slapd instance). Both your replicas could use the same RID.
I wasn't aware, thank you for the comment.