Real, Elizabeth (392K) wrote: > Quick question about replication, I’m setting up an ldapclient to talk to my > two > LDAP servers which are replicating fine. > > To be able to talk to both LDAP servers, do I need to scp the server > certificate > (cert.pem) from both servers into the ldapclient /etc/openldap/cacerts > directory? I’m looking at this documentation to configure the ldap client > using > sssd: https://www.certdepot.net/ldap-client-configuration-authconfig/
If the OpenLDAP server is configured correctly you only need the CA public-key certificate at the client side to validate the server public-key cert. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature