
2-way Multimaster replication (including configuration) and TLS certificate

Hi everyone,
I was able to make a 2-way Multimaster replication (including
configuration) with TLS, by specifying "manually" the certificate (and key)
for the 2nd server (certificate different from the 1st server). The servers
replicated, OK.

But after the "first replication", the cn=config of the 2nd now contains
the TLSCertificateFile and TLSCertificateKeyFile of the 1st server, which
is pointless. The 2nd server now can't start, because it can't find its
certificate (and key), which is normal ...

Is it possible to specify "multiple" certificates in the cn=config file?

Or should I go with using alternateSubjectAltName in certificates (which is
not pretty)?

I would really want to go to multimaster for configuration for the
following (source of typing faults) elements:
 - authz-regexp
 - schema
 - acl
 - overlays configuration

I'm using OpenLDAP 2.4.11 compiled from source on RHEL4U5.

Thanks in advance for any answer,
Sincerely yours, Mathieu MILLET.
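
A pre-start check for the failure described in this message, added here as an example and not part of the original post: it reads the TLS file paths out of a cn=config LDIF and reports those that do not exist on the local host. The olc* attribute names are the cn=config forms of the directives named above; the function names, host names and paths are constructed for illustration.

```python
import base64
import os

# cn=config attributes that hold host-local TLS file paths.
TLS_PATH_ATTRS = ("olctlscertificatefile", "olctlscertificatekeyfile",
                  "olctlscacertificatefile")

def unfold(ldif_text):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def tls_paths(ldif_text):
    """Return {attribute: path} for the TLS file attributes found in the LDIF."""
    found = {}
    for line in unfold(ldif_text):
        if line.startswith("#") or ":" not in line:
            continue
        attr, _, rest = line.partition(":")
        if attr.lower() not in TLS_PATH_ATTRS:
            continue
        if rest.startswith(":"):  # "attr:: <base64>" form
            found[attr] = base64.b64decode(rest[1:].strip()).decode("utf-8")
        else:
            found[attr] = rest.strip()
    return found

def missing_tls_files(ldif_text, root="/"):
    """List (attribute, path) pairs whose file is absent or unreadable under root."""
    problems = []
    for attr, path in tls_paths(ldif_text).items():
        local = os.path.join(root, path.lstrip("/"))
        if not (os.path.isfile(local) and os.access(local, os.R_OK)):
            problems.append((attr, path))
    return problems

# Constructed sample: the global entry on server 2 after it replicated from server 1.
SAMPLE = """dn: cn=config
objectClass: olcGlobal
olcTLSCertificateFile: /etc/openldap/certs/ldap1.example.com.
 crt
olcTLSCertificateKeyFile: /etc/openldap/certs/ldap1.example.com.key
"""
```

Run against the replicated configuration before restarting slapd, a non-empty result from `missing_tls_files` means the server would fail to find its certificate or key.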
