Emmanuel Dreyfus wrote:
Mark W Apperson <[EMAIL PROTECTED]> wrote:We will be using OpenLDAP with TLS, and also plan to use the OpenLDAP replication as well. I would like to keep plain text passwords out of config files. We are using the '{SSHA}' configuration option for the 'rootdn' configuration variable. Is there something similar that I can use for the replication 'credentials'?What about using certificate authentication? That completely removes the need for a replication password.
Anyway either the private key has to be stored somewhere 1. in clear or 2. password-protected. 2. would require manual admin interaction during startup. (I don't know whether that's supported at all.)
Ciao, Michael.
