Full_Name: Jan Vcelak Version: master OS: Linux URL: ftp://ftp.openldap.org/incoming/jvcelak-20110912-syncrepl-allow-unsetting... Submission from: (NULL) (209.132.186.34) Hello, I'm just passing a patch submitted to our bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=734187 To sum it up: If tls_cert/tls_key syncrepl options are not specified, server setting is inherited and used. According to various reports on the Internet, this is a feature, not a bug. However it forces a replica to use a client certificate for authentication, because the tls_cert and tls_key options can not be disabled. The patch allows tls_* options to be disabled, like this: "tls_cert=" Without the patch, "file not found" error will occur. The patch is written by the submitter of the bug report - Patrick Monnerat (pm at datasphere dot ch). Jan