I have a weird issue setting up FreeIPA replica. Conncheck passes fine
but at the end of ipa-replica-install I always get following error:

slapi_ldap_bind -Error: could not send startTLS request: error -11
(Connect error) errno 0 (Success)

on both master and replica without any further explanation in logs.

/etc/ldap.conf is correctly setup before ipa-replica-install and IPA CA
certificate is installed in system CA bundle so TLS should work just

Also I can manually connect just fine from replica to master and back so
it's not a network or LDAP client issue.

Replica agreement looks like this: http://pastebin.com/FT3p3KUk

freeipa-server 4.1.4

Has anyone idea where to look at?


Attachment: signature.asc
Description: Digital signature

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to