>>> wailok tam <[email protected]> wrote on 01.12.2014 at 10:04 in message
<674598213.1863113.1417424697693.javamail.ya...@jws10083.mail.ne1.yahoo.com>:
> Hi, I would really be grateful if a nice guy would appear and save me with
> this one. Simple bind replication over ldaps port does not work. I don't have
> a clue. There are very few guides on setting up replication over ldaps on
> the web or on prints. I am following this one as I am using RH:

Verifying your SSL certificates:
Try this (preferably as the same user that slapd uses):

# openssl verify -CApath /etc/ssl/certs /etc/ssl/servercerts/slapd.pem
/etc/ssl/servercerts/slapd.pem: OK

If (you are using openssl and) it works, your certificate should be OK; if not, fix it and repeat the test.

[...]

I'd leave out the "tls_cert=" to switch to automatic cert selection; if that doesn't work, something is wrong with your setup; if it works, you can try to use a fixed certificate.

Then you could try a manual remote TLS (not SSL) connect (e.g. ldapsearch) to your master; if it doesn't work, fix the config and repeat the test. Try to retrieve the whole database; if it works, you are quite close, I guess.

Turn on logging for "config" and "sync" at least. Try some modification on the master and watch what happens...

Regards,
Ulrich
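
Added example, not part of the original message: a shell sketch of the certificate check above, run against a throwaway CA and server certificate built in a temporary directory (all names and paths in it are constructed). It goes one step beyond the message by showing that -CApath only finds an issuer through hash-named links in the directory, so a CA file copied there without such a link is not found.

```shell
#!/bin/sh
# Constructed demo: throwaway CAs and a server certificate in a temp dir.
# Nothing here touches /etc/ssl; all names are made up for the example.

make_demo_pki() {   # $1 = scratch dir
    mkdir -p "$1/certs" "$1/othercerts"
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
        -keyout "$1/ca.key" -out "$1/certs/ca.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Other CA" \
        -keyout "$1/other.key" -out "$1/othercerts/other.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
        -keyout "$1/slapd.key" -out "$1/slapd.csr" 2>/dev/null
    openssl x509 -req -in "$1/slapd.csr" -CA "$1/certs/ca.pem" \
        -CAkey "$1/ca.key" -set_serial 1 -days 1 -out "$1/slapd.pem" 2>/dev/null
}

hash_link() {       # $1 = CA dir, $2 = PEM file name inside it
    # What c_rehash / "openssl rehash" do: <subject-hash>.0 -> certificate
    h=$(openssl x509 -noout -hash -in "$1/$2") && ln -s "$2" "$1/$h.0"
}

verify_with_capath() {   # $1 = CA dir, $2 = certificate; prints OK or FAIL
    # Match the "<file>: OK" line shown in the message, so the script
    # reads the same result a person running the command would.
    if openssl verify -CApath "$1" "$2" 2>/dev/null | grep -q ': OK$'; then
        echo OK
    else
        echo FAIL
    fi
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_demo_pki "$tmp" || { rm -rf "$tmp"; return 1; }
    before=$(verify_with_capath "$tmp/certs" "$tmp/slapd.pem")      # no hash link yet
    hash_link "$tmp/certs" ca.pem
    after=$(verify_with_capath "$tmp/certs" "$tmp/slapd.pem")       # issuer now found
    hash_link "$tmp/othercerts" other.pem
    wrong=$(verify_with_capath "$tmp/othercerts" "$tmp/slapd.pem")  # unrelated CA
    rm -rf "$tmp"
    echo "$before $after $wrong"
}

demo   # prints: FAIL OK FAIL
```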
