[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS with multiple LDAP servers

To: Julien Courtès <julien.courtes@yooda.com>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Re: TLS with multiple LDAP servers
From: "Choure, Sidd" <schoure@apartments.com>
Date: Wed, 12 Mar 2014 16:30:54 +0000
Accept-language: en-US
Content-id: <14A5B92E143A3541BD29C1A47D379A66@classifiedventures.com>
Content-language: en-US
In-reply-to: <53208405.20409@yooda.com>
Thread-index: AQHPPg4myZxf/B9kpEeNN5VtsjZRRJrdpMKA
Thread-topic: TLS with multiple LDAP servers

One way of doing this would be to create a CA cert and sign the two
certificates for the two LDAP servers with this CA cert and install the CA
cert on the clients.


Siddharth Choure
Senior Systems Engineer
 





On 3/12/14, 10:57 AM, "Julien Courtès" <julien.courtes@yooda.com> wrote:

>Hi,
>I have two LDAP servers in master-slave
>ldap1.domain.com - master
>ldap2.domain.com - slave
>These servers got different ip addresses and are hosted on different
>servers
>But I want to enable TLS connection with clients.
>So can I create a unique certificate that I put on both servers and the
>client will use one unique certificate to connect to server "ldap1" or
>"ldap2" if the first one is down.
>
>If not, how should I do?
>I did a search and I found that I can use subjectAltNames or wildcard
>certificat.
>
>Thanks
>
>Julien Courtès
>

References:
- TLS with multiple LDAP servers
  - From: Julien Courtès <julien.courtes@yooda.com>

Prev by Date: Re: Kerberos issue running OpenLDAP on Mac OS X Mavericks
Next by Date: RE: TLS with multiple LDAP servers
Index(es):
- Chronological
- Thread