Susan wrote: >--- Richard Megginson <rmeggins at redhat.com> wrote: > > >>If the consumer can verify and validate the suppliers cert, as in >>certificate based auth, then it should work. Otherwise, you can just >>use regular SSL replication with password auth. >> >> > >OK, I understand. I don't care about cert-based SSL, so I'll go with the simple auth then. > >I'm not sure who wrote the mmr.pl script >(http://directory.fedora.redhat.com/wiki/Howto:MultiMasterReplication) but I must say thank you, >author, the script works trouble free, as advertised. However, I don't see anything in there >about replication over SSL. And it doesn't look like I can convert it to SSL, once the >replication is established using mmr.pl, is that correct? > > No, I think you can. You just need to edit the replication agreement to use ssl and connect to the ssl port. > > >>Will that allow you to do certificate based auth, or just SSL encryption >>of the channel with password based auth? If so, then it's the same as >>regular replication with SSL and passwords without certificate based au >> >> > >no, you're right, it's the same thing, so no point in using stunnel then. Nevermind. > >__________________________________________________ >Do You Yahoo!? >Tired of spam? Yahoo! Mail has the best spam protection around >http://mail.yahoo.com > >-- >Fedora-directory-users mailing list >Fedora-directory-users at redhat.com >https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3178 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060114/21fd9c3a/attachment.bin
