On Fri, Sep 18, 2009 at 11:31 PM, Quanah Gibson-Mount <[email protected]> wrote: > Read the 2.4 Admin guide to start, the TLS options for syncrepl are now part > of the syncrepl stanza. You will want to configure it there.
Hello, quick one about this, i read this page: http://www.openldap.org/doc/admin24/slapdconfig.html#syncrepl The part I am wondering about is this: "by default the TLS parameters from a ldap.conf(5) configuration file will be used. TLS settings may be specified here, in which case any ldap.conf(5) settings will be completely ignored" So i do have a valid /etc/ldap.conf which contains references to TLS cert and stuff, why do i need more settings in slapd.conf? Reason I am asking is when i add this, in the syncrepl section, it fails saying unknown directive: [starttls=yes|critical] [tls_cacert=<file>] For info, this is my ldap.conf: BASE dc=example, dc=com URI ldaps://masterldap.example.com:636/ TLS_CACERT /etc/ldap/cert/cacert.pem TLS_REQCERT demand Cheers, Steph
