I don't know if this is relevant to my on-going replication woes... On my consumer, I have the following certs - Server-Cert u,u,u CA certificate CTu,u,u CAcertva2 CT,, On the server that is able to successfully replicat to this consumer, I have - Server-Cert u,u,u CA certificate CT,, CA tldap1 CTu,u,u On the server that can't replicate successfully to the consumer, I have - Server-Cert u,u,u CAcert CT,, CA vadcldap2 CTu,u,u The cert that should be the same on all 3 is listed as "CA certificate" on the consumer and the successful supplier, but listed as CAcert on the failing supplier. I pulled the cert from both the consumer and the successful supplier and installed each copy into my failing supplier, and every time it lists itself as CAcert and replication continues to fail using either cert. Would replication care what the cert name is in the cert database? And why would it force its name to CAcert on one server when it is named CA certificate on the other two servers, even after I have exported it from the other servers and imported it into the bad one? -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users