On Thu, Mar 6, 2014 at 12:19 PM, Chaudhari, Rohit K. <Rohit.Chaudhari@xxxxxxxxxx> wrote:
Hi All,
I am trying to create multi-master replication in 389. But I am having
trouble using ldapmodify to create a replication manager DN account
I get the following error:
Additional info: TLS error -8157: Certificate extension not found
I went on the web and some people suggested I have a TLS_REQCERT=none line
in /etc/openldap/ldap.conf, but this did not fix it either.
My certificate in /etc/openldap/cacerts is called cacert.asc.
Does anyone know how I can fix my problem?
Thanks,
R
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
Not totally sure, but don't use the "="
here is mine:
URI ldaps://baldirsrv ldaps://hqdirsrv ldaps://stldirsrv
BASE ou=People,dc=domain,dc=com
TLS_CACERTDIR /etc/openldap/cacerts
# TLS_CACERT /etc/openldap/cacerts/cacert.asc
TLS_REQCERT allow
you can set it to "TLS_REQCERT never" as well.
Also consider setting the TLS_CACERTDIR and TLS_CACERT
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
