[Date Prev][Date Next] [Chronological] [Thread] [Top]

syncrepl with x509 certificates


I am trying to build a network of ldap nodes sync with syncrepl using x509 

I ran into a problem when I setup the first slace node, I create a certificate 
that did not have SSL Client purpose, but did have SSL Server purpose - I am 
presuming it is this, because 2 certificates made exactly the same way, 1 fails 
- the non SSL Client and the other works the one that has the SSL Client 

I am presuming that I need both purposes SSL Server and SSL Client - the former 
to allow ldaps usage and the later for making ldap request and being a client 
in a syncrepl scenario.

Is there 

a) a way to specify another certificate to use in the syncrepl config
b) a way to not check for the SSL Client purpose in the certificate

For now I am going to create on that has both purposes ...


"As you can possibly see, I have an injury myself—not here at the hospital, but in combat with a cedar. I eventually won. The cedar gave me a little scratch."

	- George W. Bush
San Antonio, TX
After visiting with wounded veterans from the Amputee Care Center of Brooke Army Medical Center

Attachment: signature.asc
Description: Digital signature