Hello, After having read through the Howto:SSL document on the 389 wiki, i went ahead and set up SSL for my master instance - it works great, and i couldn't be happier. :) I have a slave set up to do read-only replication from the master ; now, the wiki document has information on how to integrate the certificate into a slave so that the replication can occur over SSL, which i'll no doubt do, but that's not what i'm looking for advice on now. What i'm interested in is actually duplicating the new SSL setup that currently exists on the master. I realise that this sounds funny, but the reason is simple : in our environment, all of the clients and LDAP-aware applications are configured to send requests to a given hostname (which is not the base FQDN of the LDAP server - it's another, separate hostname entirely). If the master goes down, the slave automatically has this separate hostname assigned to it. (Put another way, it's a sort of poor-man's failover. It's far from perfect, and everybody knows it, but that's what's there, so for now we live with it. :P ) What i would appear to need, therefore, is to have the slave be able to respond to incoming SSL requests with exactly the same credentials as the master. Is this even possible, and if so, how would i got about doing it ? Thank you, all. -- Daniel Maher <dma + 389users AT witbe DOT net> -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
