--On December 20, 2007 11:03:44 AM -0500 "Chris G. Sellers" chris.sellers@nitle.org wrote:
which suggests that the connection could not be made on port 389 via TLS. I can't figure out how to tell the repl connection to send a certificate. Do I have to set up a user in LDAP with a cert? Do I put a client cert into the syncrepl section of the slapd.conf file on the slave? Please advise.
You are confused. LDAPv3 startTLS is used to encrypt connections over port 389 (or other ports). The LDAPv2 HACK to do TLS over port 636 (ldaps://) is the other way of doing SSL encryption. You are mixing these two very different mechanisms.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
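
The two mechanisms contrasted in the reply above can be told apart by the first bytes a client sends, which is a quick check against a packet capture of a replication connection. This is an added example, not part of the original thread; the function names are hypothetical and the sample byte strings are constructed.

```python
# Added example (not from the thread). Sample bytes below are constructed.
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAPv3 StartTLS extended operation

def ber_len(n):
    """BER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, value):
    return bytes([tag]) + ber_len(len(value)) + value

def starttls_request(message_id=1):
    """LDAPMessage carrying an ExtendedRequest that names the StartTLS OID."""
    msg_id = tlv(0x02, bytes([message_id]))       # INTEGER, 1..127 in this sketch
    ext_req = tlv(0x77, tlv(0x80, STARTTLS_OID))  # [APPLICATION 23] { [0] requestName }
    return tlv(0x30, msg_id + ext_req)            # outer SEQUENCE

def read_len(buf, i):
    """Return (length, index after the length octets) for a BER length at buf[i]."""
    if buf[i] < 0x80:
        return buf[i], i + 1
    n = buf[i] & 0x7F
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def classify_first_bytes(data):
    """Classify the first client bytes seen on an LDAP listener."""
    if len(data) >= 2 and data[0] == 0x16 and data[1] == 0x03:
        return "implicit-tls"      # TLS handshake record first (ldaps:// style)
    try:
        if data[0] != 0x30:
            return "unknown"
        _, i = read_len(data, 1)            # skip the SEQUENCE length
        if data[i] != 0x02:
            return "unknown"
        id_len, i = read_len(data, i + 1)   # messageID
        op_tag = data[i + id_len]
    except IndexError:
        return "unknown"
    if op_tag == 0x77 and STARTTLS_OID in data:
        return "starttls"          # plaintext LDAP request, TLS negotiated afterwards
    return "plaintext-ldap"        # some other LDAP operation sent in the clear

TLS_CLIENT_HELLO_PREFIX = bytes.fromhex("16030100c8010000c40303")  # constructed
ANONYMOUS_BIND = bytes.fromhex("300c020101600702010304008000")     # constructed

if __name__ == "__main__":
    for sample in (starttls_request(), TLS_CLIENT_HELLO_PREFIX, ANONYMOUS_BIND):
        print(classify_first_bytes(sample), sample[:12].hex())
```

A StartTLS session therefore begins as ordinary LDAP on the wire and only switches to TLS after the server accepts the extended request, while an ldaps:// session shows no LDAP bytes in the clear at all.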