[Date Prev][Date Next]
Re: Need Help On Master-Master Replication Setup!!
Thank you so much, I will try it tomorrow in case of any issues will get back.
As suggested, I will put the FQDN of 3 LDAP servers and also the FQDN of the VIP in the cert and create it.
Once again thanks for all your help.
On Sun, Sep 11, 2011 at 9:32 PM, Daniel Qian <email@example.com>
The subjectAltName should be a comma separated list of all the FQDNs
of your servers plus FQDN for the VIP as Chris just pointed out in
On 11-09-11 3:28 PM, pradyumna dash wrote:
So i dont need to put the FQDN of the LB in the
cert, right ?
correct me if am wrong, My client will point to the FQDN/IP of
the LB which will internally distribute the traffic across
backend LDAP servers, I was just confused whether to keep the
LB FQDN in the cert.
On Sun, Sep 11, 2011 at 9:09 PM,
Daniel Qian <firstname.lastname@example.org>
The three servers
in the LB pool can share one certificate. When you
create the CSR for the certificate, you can specify
ldapserver1, ldapserver2 & ldapserver3 for the
subjectAltName field. Google with "subjectAltName" you
should be able to find a lot of information how to do
On 11-09-11 2:48 PM, pradyumna dash wrote:
On Fri, Sep 9, 2011 at
11:15 PM, pradyumna dash <email@example.com>
is the setup I would like to have.
| __________LoadBalancer1_________ |
| | |
ldapserver1 ldapserver2 ldapserver3
My challange is I never did this kind of architecture before, So would like to know from LB prosepctive, How to configure it like
say i have to create a DNS FQDN e.g "ldapserver.example.com" and then use this as a floating IP/hostname for the 3 ldapservers
in the backend? or whats should be done? The network team will do the setup but i need to tell them what to do. My next question
would be i would like to configure LDAPS, so how to create the certificate i mean what to provide in common name or how to create a
certificate which can be shared across the servers, am using "openssl" ? I am using SLES 11(SP1) and the setup wiould be a Multi-Master
On Fri, Sep 9,
2011 at 8:14 PM, pradyumna dash <firstname.lastname@example.org>
for the suggestion, but i never
did it before , if you can share a
doc or something would be great.
use the openssl to generate the
certificate, so even i dont know
how to configure subjectAltNames.
Also if you can explain a bit how
i should i proceed would be
in the load balancer what to
configure and how to create the
Sep 9, 2011 at 7:35 PM, Quanah
I would suggest a cert for
ldap1 and ldap2, both with
having subjectAltNames for a
load balanced name too, so
clients can work directly to
the servers and directly
with the LB name.
September 08, 2011 10:17
PM +0200 pradyumna dash
I would like to setup
would like to know
something more about
it, because i
never implemented the
Suppose i have 2
I will configure M-M
LDAPS, in this
scenario how my
be? Do i need to keep
it behind the
what are the steps to
How come the client
will come to know if
any of the server is
will talk to the other
server, because in my
ldap.conf file i will
single URI/host entry
pointing to one of the
server and also how to
i need 2 individiual
certificate 1 for
ldap1 and 1 for ldap2?
Sr. Member of Technical
A Division of VMware, Inc.
Zimbra :: the leader in
open source messaging and