I just wonder why i'm getting: RESULT err=2 when I try to use replication over simple SSL. The replication agreement works when I use ldap with no encryption, but when I select SSL encryption with ldap it just gives that error. I'm not looking to use certificates, just simple bind DN/password.
On 05/18/2011 08:35 AM, solarflow99 wrote:
I just wonder why i'm getting: RESULT err=2 when I try to use replication over simple SSL. The replication agreement works when I use ldap with no encryption, but when I select SSL encryption with ldap it just gives that error. I'm not looking to use certificates, just simple bind DN/password.
What platform? What version of 389-ds-base? What does it say in the errors log? What replication configuration did you do to use SSL? Have you installed the CA cert?
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
This is the latest: 389-ds-base-1.2.8.2-1.el5 I think its something simple, since I have it working, but just not over startTLS on port 389. When I change the replication agreement to: use StartTLS, the replication status shows: LDAP error: Protocol Error. Error code: 2
The docs didn't say much about this, can't dirsrv use default certs from /etc/pki like apache ssl and ssh use for this?
Thanks,
On Wed, May 18, 2011 at 11:26 AM, Rich Megginson rmeggins@redhat.comwrote:
On 05/18/2011 08:35 AM, solarflow99 wrote:
I just wonder why i'm getting: RESULT err=2 when I try to use replication over simple SSL. The replication agreement works when I use ldap with no encryption, but when I select SSL encryption with ldap it just gives that error. I'm not looking to use certificates, just simple bind DN/password.
What platform? What version of 389-ds-base? What does it say in the errors log? What replication configuration did you do to use SSL? Have you installed the CA cert?
-- 389 users mailing list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
On 05/18/2011 10:28 AM, solarflow99 wrote:
This is the latest: 389-ds-base-1.2.8.2-1.el5 I think its something simple, since I have it working, but just not over startTLS on port 389. When I change the replication agreement to: use StartTLS, the replication status shows: LDAP error: Protocol Error. Error code: 2
The docs didn't say much about this, can't dirsrv use default certs from /etc/pki like apache ssl and ssh use for this?
No. 389 doesn't use the nsspem module that reads openssl/pem style cert files/directories like apache mod_ssl and others.
See http://directory.fedoraproject.org/wiki/Howto:SSL and http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/A... and
Thanks,
On Wed, May 18, 2011 at 11:26 AM, Rich Megginson <rmeggins@redhat.com mailto:rmeggins@redhat.com> wrote:
On 05/18/2011 08:35 AM, solarflow99 wrote:
I just wonder why i'm getting: RESULT err=2 when I try to use replication over simple SSL. The replication agreement works when I use ldap with no encryption, but when I select SSL encryption with ldap it just gives that error. I'm not looking to use certificates, just simple bind DN/password.
What platform? What version of 389-ds-base? What does it say in the errors log? What replication configuration did you do to use SSL? Have you installed the CA cert?
-- 389 users mailing list 389-users@lists.fedoraproject.org <mailto:389-users@lists.fedoraproject.org> https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org