Thank you for your hint. I did read the suggested documentation before asking for assistance, but did not understand it at that time. In the end I used simple authentication over TLS/SSL. Regards, Mitja Rich Megginson wrote: > Mitja Miheli? wrote: >> Hi! >> >> I am trying to get replication to work over SSL, but I seem to be >> missing something... >> >> To make a long story short: single-master and multi-master >> replication without SSL works without a problem. >> >> I have created two Directory servers via the Management Console, one >> called master (supplier) and one called replica (consumer). >> I have issued a certificate request via the management console for >> the supplier and consumer. >> Both were signed by a test CA and imported into the corresponding >> server's certificate store. >> Now, what exactly must I do, to correctly map the certificates and >> make them talk to each other ? >> I have read the documentation, but I just don't understand how to >> make it work. >> >> The following dn is used for replication: >> dn: cn=replication manager,cn=config >> objectClass: inetorgperson >> objectClass: person >> objectClass: top >> objectClass: organizationalPerson >> cn: replication manager >> sn: RM >> userPassword: replicate >> passwordExpirationTime: 20380119031407Z >> >> Greetings, >> Mitja >> >> Read the following lines if you wish to know how I have it set up >> what I have done to set up non-SSL replication: >> The Directory server instances are using their own ports (supplier: >> 30389/30636 and consumer: 40389/40636 respectively). >> I have inserted a replication user into the dse.ldif files in both >> the supplier and the consumer as specified in the documentation. >> The supplier has been populated with test entries, enabled the >> changelog and replication of the relevant database. >> The consumer has been set up accordingly. >> I have created an appropriate replication agreement and initialized >> the consumer. >> All entries replicated as expected and the replica was updating >> successfully. > If you want to use simple authentication using your replication > manager user, but you want the connection to be secure with TLS/SSL, > start here - > http://www.redhat.com/docs/manuals/dir-server/8.1/admin/Managing_Replication-Replication_over_SSL.html > > >> >> >> -- >> 389 users mailing list >> 389-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
