I believe that I'm very close to getting this to work for me. This is what I've done:

1. Created my own CA certificate by running this:

   openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem

2. Using the GUI, I followed the steps listed here http://www.redhat.com/docs/manuals/dir-server/ag/7.1/ssl.html#1085091 under Obtaining and Installing server certificates, including the step 4 marked Trust the certificate authority.

Everything to this point looks great; on each directory server the server certificates look fine, including verifying that my new CA is listed and verified under the CA certs tab.

I believe at this point that each directory server will inherently trust each other's server certificate, as their own certificates were signed by my own CA. Is this true? If so, can someone tell me what the next step is to enable SSL replication between the 2 directory servers as well as secure client authentication?

Thanks very much.

Aaron
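One way to check from the command line that two server certificates chain to the same CA, as an added example that is not part of the original message. The subject names, host names, key sizes and validity periods are constructed for the example, and it works on PEM files with openssl only; it does not inspect what the Directory Server console has imported.

```shell
#!/bin/sh
# Added example: build a throwaway CA, sign two server certificates with it,
# and check that each one verifies against the CA certificate.
# All names (Example Test CA, ds1/ds2.example.com) are constructed.

make_ca() {  # $1 = working directory
    mkdir -p "$1/private"
    # -nodes and -subj keep the run non-interactive; the command in the
    # message above prompts for a passphrase and the subject fields instead.
    openssl req -new -x509 -nodes -newkey rsa:2048 -days 30 \
        -subj "/O=Example/CN=Example Test CA" \
        -keyout "$1/private/cakey.pem" -out "$1/cacert.pem" 2>/dev/null
}

issue_server_cert() {  # $1 = working directory, $2 = host name, $3 = serial
    # Key and CSR for the server, then a certificate signed by the CA key.
    openssl req -new -nodes -newkey rsa:2048 -subj "/O=Example/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$2.csr" -days 30 \
        -CA "$1/cacert.pem" -CAkey "$1/private/cakey.pem" \
        -set_serial "$3" -out "$1/$2.crt" 2>/dev/null
}

chains_to_ca() {  # $1 = CA certificate, $2 = server certificate
    # Exit status 0 only if the certificate verifies against this CA.
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Demo run in a temporary directory that is removed afterwards.
work=$(mktemp -d)
make_ca "$work"
n=1
for host in ds1.example.com ds2.example.com; do
    issue_server_cert "$work" "$host" "$n"
    n=$((n + 1))
    if chains_to_ca "$work/cacert.pem" "$work/$host.crt"; then
        echo "$host: certificate verifies against cacert.pem"
    else
        echo "$host: certificate does NOT verify against cacert.pem"
    fi
done
rm -rf "$work"
```

A certificate signed by a different CA key fails `chains_to_ca` even when that CA uses the same subject name, because the signature is checked, not the name.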