[Date Prev][Date Next] [Chronological] [Thread] [Top]

Single-master replication over TLS fails in 2.4.15

Title: Single-master replication over TLS fails in 2.4.15


I am trying to upgrade from 2.3.42 to 2.4.15 and my setup uses single-master replication over TLS.  When I do the upgrade I have noticed that replication fails.  I have reproduced the problem in my lab, using a single server and multiple slapd instances, and I get the following error on the slave:

The corresponding trace on the master is:

Based on the error messages, I thought that there was a problem with the certificates I am using, but when I revert the slapd executable to the old 2.3.42 version, replication succeeds.  Were more stringent CA checks added between 2.3.42 and 2.4.15?  Note that the same OpenSSL version was used to build both slapd executables (0.9.8b).  Also, the same configuration options were used to build both versions.