[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Secure replication

To: openldap-technical@openldap.org
Subject: Re: Secure replication
From: Alex M <lists@male.donotuse.de>
Date: Sat, 6 May 2017 10:03:22 +0200
In-reply-to: <803F62B0-3320-4C59-A3FD-DFDF86B8ED61@jpl.nasa.gov>
References: <803F62B0-3320-4C59-A3FD-DFDF86B8ED61@jpl.nasa.gov>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0

On 05/06/2017 02:56 AM, Real, Elizabeth (392K) wrote:
> Hey guys,
> 
> I’m running multi-master OpenLDAP (version 2.4.40) servers and need to secure replication. Can you point me to where I can find that information? What I found online is old and does not apply to the version I’m running.
> 
> The olcSyncRepl directive on both systems needs to go from:
> olcSyncRepl: rid=001 provider=ldap
> to:
> olcSyncRepl: rid=001 provider=ldaps
> 
> Thank you,
> Liz
> 

Hi,

First you'll need to generate ssl certificates and enable tls/ssl on
your services.

After it is done you can use ldaps:// uri with tls parameters to point
to the provider/consumer servers.

This is discussed in multiple places, in addition to official openldap
admin guide just google your favorite linux distribution with openldap tls.

References:
- Secure replication
  - From: "Real, Elizabeth (392K)" <Elizabeth.Real@jpl.nasa.gov>

Prev by Date: Secure replication
Next by Date: Re: Secure replication
Index(es):
- Chronological
- Thread