[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: syncrepl failing with ldap_start_tls failed (-11)

To: openldap-technical@openldap.org
Subject: Re: syncrepl failing with ldap_start_tls failed (-11)
From: Iain Georgeson <iain.georgeson@kaust.edu.sa>
Date: Sun, 29 Jan 2012 14:10:21 +0300
In-reply-to: <CABU1Rte-yt-NF+UNQ4ROoN-o1=TwmPOY9O86+KduAYHjzLycJw@mail.gmail.com>
References: <CAFUHv-9hL2y_dfm9dFxzK9aruhqja6xip8_G00cg_9M4OM7Apw@mail.gmail.com> <CABU1Rte-yt-NF+UNQ4ROoN-o1=TwmPOY9O86+KduAYHjzLycJw@mail.gmail.com>

On 28 January 2012 21:11, Rich Megginson <richm@stanfordalumni.org> wrote:
> On Sat, Jan 28, 2012 at 4:38 AM, Iain Georgeson
> <iain.georgeson@kaust.edu.sa> wrote:
>> I'm trying to set up syncrepl in my LDAP infrastructure. The logs on
>> my consumer show that syncrepl is failing to negotiate TLS when
>> connecting to the provider. Other LDAP commands such as ldapsearch and
>> sssd show no problem connecting using the same TLS configuration.
> There were a few moznss TLS issues fixed between 2.4.23-15 and
> 2.4.23-20 in RHEL 6.2 (back ported from openldap upstream
> 2.4.24-2.4.28)
>
> I don't know how far behind SL is compared to RHEL but if you can, try
> with openldap 2.4.23-20

Many thanks. I bumped slapd on the consumer to 2.4.23-20 from SL6.2
beta, and TLS succeeds now.

    Iain.

-- 
Systems Engineer
KAUST Visualisation Laboratory

References:
- syncrepl failing with ldap_start_tls failed (-11)
  - From: Iain Georgeson <iain.georgeson@kaust.edu.sa>

Prev by Date: Re: making a full replica: slapd -c "rid=xxx" doesn't seem to work
Next by Date: Re: making a full replica: slapd -c "rid=xxx" doesn't seem to work
Index(es):
- Chronological
- Thread