syncrepl question

[sebastien Prouff]

Hello list,
I am working on a distributied tree with open ldap.(2-2-23 on sarge)
my DIT is fragmented in several pieces. (up to 50...) that I want to 
replicate on the master tree.
I tried to used the syncrepl directive, which look great (first look.)
So, after a short while I was able to get  shadow copie of one fragment.
Right after I tried to replicate the second fragment and problems arrived...
I cant' put two syncrepl directive in the consummers ldap!
So, is there a solution? a way to get several piece of a tree replicate 
with syncrepl?
If no, another solution would be fair!
Cheers
Sebastien



[EMAIL PROTECTED] a écrit :
The client *is* configured - (ldap.conf):
....
TLS_CACERT       /usr/local/etc/openldapcacert/cacert.pem
TLS_REQCERT   never
...

The server is configured (slapd.conf):
...
TLSCipherSuite               HIGH:MEDIUM:+TLSv1:+SSLv2
TLSCACertificateFIle     /usr/local/etc/openldap/cacert/cacert.pem
TLSCertificateFIle           /usr/local/etc/openldap/server.cert
TLSCertificateKeyFIle   /usr/local/etc/openldap/server.key
TLSVerifyClient               never
.....

Attached is the output of the server - indicating that the ca is still
"unknown "  I've tried every combination of client/server configurations I
can think of, and still get the same thing - I'm not sure what I'm missing
here.
Thanks
Dennis
(See attached file: server.out)




                                                                           
             Howard Chu                                                    
             <[EMAIL PROTECTED]>                                               
             Sent by:                                                   To 
             owner-openldap-so         [EMAIL PROTECTED]          
             [EMAIL PROTECTED]                                          cc 
             rg                        openldap-software@OpenLDAP.org      
             No Phone Info                                         Subject 
             Available                 Re: TLS question                    
                                                                           
                                                                           
             09/29/2006 08:24                                              
             PM                                                            
                                                                           
                                                                           




[EMAIL PROTECTED] wrote:
  
Hello:

      I am trying to get TLS working on openldap-2.3.20.  when I initiate
    
a
  
search, the debug info at the server indicates "unknown_ca".  According
    
to
  
RFC 2246, this means that the "CA certificate could not be located or
couldn't be matched with a known, trusted CA".  My question:  Isn't the
slapd.conf "TLSCACertificateFile" directive what tells slapd which CA to
trust?  If so, why isn't it working?
    

See the Admin Guide http://www.openldap.org/doc/admin23/tls.html

You need to configure the client.

--
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc
   OpenLDAP Core Team            http://www.openldap.org/project/
  
------------------------------------------------------------------------

No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.407 / Virus Database: 268.12.11/460 - Release Date: 01/10/2006