I still have problem with ssl replication...in order to resolv this problem I post my steps to configure it..thanks in advance if someone could help me..: 1)in alias directory I make pwdfile.txt and noise .txt 2) Make a .db file: ../shared/bin/certutil -N -d . -f pwdfile.txt 3) Make an encrypted key: ../shared/bin/certutil -G -d . -z noise.txt -f pwdfile.txt 4) Make an mysel certificate: ../shared/bin/certutil -S -n "CA certificate" -s "cn=CAcert" -x -t "CT,," -m 1000 -v 120 -d . -z noise.txt -f pwdfile.txt 5) make a CA server ../shared/bin/certutil -S -n "Server-Cert" -s "cn=domain.example.com" -c "CA certificate" -t "u,u,u" -m 1001 -v 120 -d . -z noise.txt -f pwdfile.txt 6) Rename db and relink: mv cert8.db slapd-server-cert8.db mv key3.db slapd-server-key3.db ln -s slapd-server-cert8.db cert8.db ln -s slapd-server-key3.db key3.db chown nobody *.db 7) Esporting certificate: ../shared/bin/certutil -L -d . -n "CA Certificate" -a > nodo1.cert.asc 8) Send to nodo2 scp nodo1.cert.asc root@nodo2:/opt/fedora-ds/alias/ 9)Importing in db: ../shared/bin/certutil -A -d . -P slapd-nodo2- -n "CA Certificate" -t "CT,," -a -i nodo1.cert.asc 10) make a replication with mmr.pl script ./mmr.pl --host1 nodo1.domain.example.com --host2 nodo2.domain.example.com --host_id 1 --host_id 2 --bindpw secretpwd --repmanpw secret --create --with-ssl 11) After that....should be a replication...but if in slapd log I find: NSMMReplicationPlugin - agmt=cn"Replication to nodo2.domain.example.com"" (nodo2:636): SSL Not Initialized, Replication over SSL FAILED NSMMReplicationPlugin - agmt=cn"Replication to nodo2.domain.example.com"" (nodo2:636):incremental update failed and requires administrator action Any help is greetly apreciated! Alex -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
