Hi everyone,

I was able to make a 2-way Multimaster replication (including configuration) with TLS, by specifying "manually" the certificate (and key) for the 2nd server (certificate different from the 1st server). The servers replicated, OK.
But after the "first replication", the cn=config of the 2nd now contains the TLSCertificateFile and TLSCertificateKeyFile of the 1st server, which is pointless. The 2nd server can't start now, because it can't find its certificate (and key), which is normal...
Is it possible to specify "multiple" certificates in the cn=config file?
Or should I go with using alternateSubjectAltName in certificates (which is not pretty)?
I would really want to go to multimaster for configuration for the following (source of typing faults) elements:
- authz-regexp
- schema
- acl
- overlays configuration
I'm using OpenLDAP 2.4.11 compiled from source on RHEL4U5.
Thanks in advance for any answer,
Sincerely yours,
Mathieu MILLET.
-- Mathieu MILLET mailto:ldap@htam.net