[Fedora-directory-users] multi master replication over SSL
Richard Megginson
rmeggins at redhat.com
Sat Jan 14 21:28:33 UTC 2006
Susan wrote:
>--- Richard Megginson <rmeggins at redhat.com> wrote:
>
>
>>If the consumer can verify and validate the suppliers cert, as in
>>certificate based auth, then it should work. Otherwise, you can just
>>use regular SSL replication with password auth.
>>
>>
>
>OK, I understand. I don't care about cert-based SSL, so I'll go with the simple auth then.
>
>I'm not sure who wrote the mmr.pl script
>(http://directory.fedora.redhat.com/wiki/Howto:MultiMasterReplication) but I must say thank you,
>author, the script works trouble free, as advertised. However, I don't see anything in there
>about replication over SSL. And it doesn't look like I can convert it to SSL, once the
>replication is established using mmr.pl, is that correct?
>
>
No, I think you can. You just need to edit the replication agreement to
use ssl and connect to the ssl port.
>
>
>>Will that allow you to do certificate based auth, or just SSL encryption
>>of the channel with password based auth? If so, then it's the same as
>>regular replication with SSL and passwords without certificate based au
>>
>>
>
>no, you're right, it's the same thing, so no point in using stunnel then. Nevermind.
>
>__________________________________________________
>Do You Yahoo!?
>Tired of spam? Yahoo! Mail has the best spam protection around
>http://mail.yahoo.com
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060114/21fd9c3a/attachment.bin>
More information about the Fedora-directory-users
mailing list