Susan wrote:
You can configure Console to talk LDAPS. I was just able to disable the standard LDAP port on my FDS 1.0.2 install and still use Console. You need to check the "Use SSL in Fedora Console" checkbox in the "Configuration" tab of the Directory Server Console.--- Alex aka Magobin <magobin@xxxxxxxxx> wrote:On gio, 2006-03-23 at 08:43 -0800, Susan wrote:This is what I did to get ssl repl working: 1. generate a single CA certificate and use that to sign both the supplier and consumer certificates. Each server doesn't need its own CA. on the consumer:Thank you Susan for your reply...two question 4 you if possible: 1) This procedure..similar to (Chapter 8 in Administration Guide)...but you have to create cert db beforeyes, cert db must exist, for a cert to be exported out of it :)2) To make secure replication...I have to enable ssl on DS...in this case...is still possible to query LDAP on port 389 ??yes. One way to disable it is to set the ldap port to 0, FDS will then say on startup that non secure access has been disabled, proceeding. That will break the console access, however. I haven't been able to turn off non-ssl access AND still be able to use the console.
-NGK
__________________________________________________ Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
