Hi Dieter, Thanks. With inclusion of tls_cacert, the replication is happening.
Thanks and Regards, Naga Chaitanya -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Dieter Kluenter Sent: Tuesday, July 19, 2011 5:25 PM To: [email protected] Subject: Re: TLS configuration with syncrepl Am Mon, 18 Jul 2011 21:05:48 +0530 schrieb Naga Chaitanya Palle <[email protected]>: > Hi, > > I am configuring TLS for syncrepl. But the consumer is not reading > any updates from the server. Without tls the configuration was > working fine. Please let me know where I am going wrong > > On client, my configuration files are as follows > > slapd.conf > access to attrs=userPassword > by self write > by users read > by anonymous auth > > > access to attrs=shadowLastChange > by self write > by * auth > > access to * > by * read > > moduleload syncprov.la > > syncrepl rid=124 > provider=ldaps://smalldevonly.comverse-in.com:389 > type=refreshOnly > interval=00:00:01:00 > searchbase="dc=comverse-in,dc=com" > filter="(objectClass=top)" > scope=sub > attrs="cn,uidNumber" > schemachecking=off > bindmethod=simple > binddn="cn=Manager,dc=comverse-in,dc=com" > credentials=sonora > > updateref ldaps://smalldevonly.comverse-in.com [...] There is a tls_cacert=<path> parameter missing in the syncrepl statements. Please note that syncrepl is a ldap client application and requires appropriate client configuration parameters. -Dieter -- Dieter Klünter | Systemberatung sip: [email protected] http://www.daasi.de/ldapcon2011/ GPG Key ID:8EF7B6C6 =============================================================================== Please refer to http://www.aricent.com/legal/email_disclaimer.html for important disclosures regarding this electronic communication. ===============================================================================
