Last week, Wesley Craig wrote: IB> I have one machine in a data centre which runs 2.3.13 IB> [and a] machine at home, similarly running 2.3.13, IB> with a static IP number and an appropriate hole in the IB> firewall to run replication. Which is all good, but IB> I'm not at all sure how good my ISP is at preventing IB> Bad People from mis-using IP numbers, so I'd like to IB> require the sync_server to offer a certificate to prove IB> its good will to the sync_client. WC> If the sync_server isn't allowed to accept clear text WC> passwords and is configured to provide certificates, WC> you should be all set. WC> [..] It should "Just Work". If you want to try also using certificates to authenticate the client to the server, you might like to look at my patch - thus far only tested for traditional murder FE->BE and FE/BE->MUPDATE authentication: https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=3133 Cheers Duncan -- Duncan Gibb, Technical Director Sirius Corporation plc - The Open Source Experts http://www.siriusit.co.uk/ Tel: +44 870 608 0063 ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
