[389-users] PCI SSL TLS certificate requirements change

Hi, we are using SSLv3 certs, and have a multi-master replication environment. I have over 2000 clients currently using these CAs, and updating them to TLS seems highly disruptive. Does anyone know of a way to add the updated TLS cert, while still honoring the old SSLv3 certs from clients? Or perhaps a way to add new replicas in to the environment with the new TLS certs, but also add them in to the replication pool with the old SSLv3 systems? Maybe a good guide/white paper on how to achieve this for PCI requirements? Alexander Mayberry Enterprise Systems Engineer SD Group: EIT Infrastructure – OMA Enterprise.Systems Engineering.Infrastructure