[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with TLS and multiple servers in URI

To: openldap-software@OpenLDAP.org
Subject: Re: Problem with TLS and multiple servers in URI
From: Johan Andersson <johan.andersson@se.datalogic.com>
Date: Fri, 24 Sep 2004 07:27:18 +0200
In-reply-to: <6.1.2.0.0.20040923151313.040cbca0@127.0.0.1>
References: <41532C89.9090803@se.datalogic.com> <6.1.2.0.0.20040923151313.040cbca0@127.0.0.1>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040816

Kurt D. Zeilenga wrote:

At 01:05 PM 9/23/2004, Johan Andersson wrote:
From what I can see, slapd stops to negotiate TLS when more than one server is specified in ldap.conf. If I start slapd when there only is one server specified in ldap.conf, and then add the

second server when slapd is running, TLS suddenly works, and the client can reach both servers!

slapd(8) server functions doesn't rely on ldap.conf(5) for its configuration. ldap.conf(5) is for configuring client functions of LDAP clients such as ldapsearch(1).

So I thought too, until I found out I can get it to work by doing:
1.   Edit ldap.conf to only include one server in the URI string.
2.   Start slapd.
3.   Edit ldap.conf to include both servers in the URI string.
4.   Run ldapsearch.

So slapd must be doing something with ldap.conf.

Someone suggested to use HOST instead of URI. I tried that, but with the
same result.

/Johan Andersson

References:
- Problem with TLS and multiple servers in URI
  - From: Johan Andersson <johan.andersson@se.datalogic.com>
- Re: Problem with TLS and multiple servers in URI
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: still nothing on getting Outlook to see groupOfNames members
Next by Date: linking to openldap
Index(es):
- Chronological
- Thread