Hello list, Using version 2.2.23 (Debian Sarge) with slurpd-replication, I see that the certificates are exchanged and replication works, but the replicator's username/pass is passing cleartext over the line.
-- master slapd.conf: replica uri=ldap://ldapslave.example.com starttls=yes binddn=cn=replicator,dc=example,dc=com bindmethod=simple credentials=secret -- master ldap.conf: TLS_CACERT /etc/ldap/cacert.crt -- slave slapd.conf TLSCACertificateFile /etc/ldap/cacert.crt TLSCertificateFile /etc/ldap/ldapslave.example.com-cert.pem TLSCertificateKeyFile /etc/ldap/ldapslave.example.com-key.pem When connecting to the servers (master and slave) with gq, tls is working. Anyone a hint? Richard. -- ___________________________________________________________________ It is better to remain silent and be thought a fool, than to speak aloud and remove all doubt. +------------------------------------------------------------------+ | Richard Lucassen, Utrecht | | Public key and email address: | | http://www.lucassen.org/mail-pubkey.html | +------------------------------------------------------------------+
