[Fedora-directory-users] multi master replication over SSL
Richard Megginson
rmeggins at redhat.com
Sat Jan 14 20:12:41 UTC 2006
Susan wrote:
>I got this from the manual:
>
>Note
>Replication configured over SSL with certificate-based authentication will fail in the following
>cases:
>
> * If the supplier's certificate is a self-signed certificate.
>_________
>
>Is that still the case for FDS? Is there any way to get it working using self-signed certs?
>
>
If the consumer can verify and validate the suppliers cert, as in
certificate based auth, then it should work. Otherwise, you can just
use regular SSL replication with password auth.
>If not, I'm thinking of using stunnel between both masters, then.
>
>
Will that allow you to do certificate based auth, or just SSL encryption
of the channel with password based auth? If so, then it's the same as
regular replication with SSL and passwords without certificate based auth.
>__________________________________________________
>Do You Yahoo!?
>Tired of spam? Yahoo! Mail has the best spam protection around
>http://mail.yahoo.com
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060114/e31ef9bb/attachment.bin>
More information about the Fedora-directory-users
mailing list