Reply-to: "General discussion list for the 389 Directory server project." <389-users@xxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110419 Red Hat/3.1.10-1.el6_0 Lightning/1.0b2pre Thunderbird/3.1.10
On 05/18/2011 10:28 AM, solarflow99 wrote:
This is the latest: 389-ds-base-1.2.8.2-1.el5 I think
its something simple, since I have it working, but just not over
startTLS on port 389. When I change the replication agreement to:
use StartTLS, the replication status shows: LDAP error: Protocol
Error. Error code: 2
The docs didn't say much about this, can't dirsrv use default
certs from /etc/pki like apache ssl and ssh use for this?
No. 389 doesn't use the nsspem module that reads openssl/pem style
cert files/directories like apache mod_ssl and others.
On Wed, May 18, 2011 at 11:26 AM, Rich
Megginson <rmeggins@xxxxxxxxxx>
wrote:
On 05/18/2011 08:35 AM, solarflow99 wrote:
I just wonder why i'm getting:
RESULT err=2 when I try to use replication over simple
SSL. The replication agreement works when I use ldap
with no encryption, but when I select SSL encryption
with ldap it just gives that error. I'm not looking to
use certificates, just simple bind DN/password.
What platform? What version of 389-ds-base? What does it
say in the errors log?
What replication configuration did you do to use SSL?
Have you installed the CA cert?
