Thank you for your hint.
I did read the suggested documentation before asking for assistance, but
did not understand it at that time.
In the end I used simple authentication over TLS/SSL.
Regards,
Mitja
Rich Megginson wrote:
Mitja Mihelič wrote:
> Hi!
>
> I am trying to get replication to work over SSL, but I seem to be
> missing something...
>
> To make a long story short: single-master and multi-master
> replication without SSL works without a problem.
>
> I have created two Directory servers via the Management Console, one
> called master (supplier) and one called replica (consumer).
> I have issued a certificate request via the management console for
> the supplier and consumer.
> Both were signed by a test CA and imported into the corresponding
> server's certificate store.
> Now, what exactly must I do, to correctly map the certificates and
> make them talk to each other ?
> I have read the documentation, but I just don't understand how to
> make it work.
>
> The following dn is used for replication:
> dn: cn=replication manager,cn=config
> objectClass: inetorgperson
> objectClass: person
> objectClass: top
> objectClass: organizationalPerson
> cn: replication manager
> sn: RM
> userPassword: replicate
> passwordExpirationTime: 20380119031407Z
>
> Greetings,
> Mitja
>
> Read the following lines if you wish to know how I have it set up
> what I have done to set up non-SSL replication:
> The Directory server instances are using their own ports (supplier:
> 30389/30636 and consumer: 40389/40636 respectively).
> I have inserted a replication user into the dse.ldif files in both
> the supplier and the consumer as specified in the documentation.
> The supplier has been populated with test entries, enabled the
> changelog and replication of the relevant database.
> The consumer has been set up accordingly.
> I have created an appropriate replication agreement and initialized
> the consumer.
> All entries replicated as expected and the replica was updating
> successfully.
If you want to use simple authentication using your replication
manager user, but you want the connection to be secure with TLS/SSL,
start here -
http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replicat...
>
>
> --
> 389 users mailing list
> 389-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
------------------------------------------------------------------------
--
389 users mailing list
389-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users