On 30 Mar 2016, at 7:30 PM, Graham Leggett <minfrin@xxxxxxxx> wrote: > I have tried to set up a replication agreement on a 389ds master to send updates to a 389ds slave. The master is configure to use client certs for authentication. > > The 389ds master fails each time it attempts to contact the slave with the following message, and tcpdump shows no traffic flowing over the wire: > > [30/Mar/2016:17:19:19 +0000] setup_ol_tls_conn - failed: unable to create new TLS context > [30/Mar/2016:17:19:19 +0000] slapi_ldap_bind - Error: could not configure the server for cert auth - error -1 - make sure the server is correctly configured for SSL/TLS > [30/Mar/2016:17:19:19 +0000] NSMMReplicationPlugin - agmt="cn=Agreement ldap.example.com" (ldap:636): Replication bind with EXTERNAL auth failed: LDAP error 0 (Success) () The code looks broken, raised a bug with theoretical patch here: https://fedorahosted.org/389/ticket/48782 Regards, Graham — -- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
