[Fedora-directory-users] SSL problem on replication!
Susan
logastellus at yahoo.com
Fri Mar 24 20:21:36 UTC 2006
--- Alex aka Magobin <magobin at gmail.com> wrote:
> On gio, 2006-03-23 at 08:43 -0800, Susan wrote:
> > This is what I did to get ssl repl working:
> >
> > 1. generate a single CA certificate and use that to sign both the supplier and consumer
> > certificates. Each server doesn't need its own CA.
> >
> > on the consumer:
> >
>
>
>
> Thank you Susan for your reply...two question 4 you if possible:
>
> 1) This procedure..similar to (Chapter 8 in Administration Guide)...but
> you have to create cert db before
yes, cert db must exist, for a cert to be exported out of it :)
>
> 2) To make secure replication...I have to enable ssl on DS...in this
> case...is still possible to query LDAP on port 389 ??
yes. One way to disable it is to set the ldap port to 0, FDS will then say on startup that non
secure access has been disabled, proceeding. That will break the console access, however. I
haven't been able to turn off non-ssl access AND still be able to use the console.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Fedora-directory-users
mailing list