On Fri, Sep 18, 2009 at 11:31 PM, Quanah Gibson-Mount quanah@zimbra.com wrote:
Read the 2.4 Admin guide to start, the TLS options for syncrepl are now part of the syncrepl stanza. You will want to configure it there.
Hello, quick one about this, i read this page: http://www.openldap.org/doc/admin24/slapdconfig.html#syncrepl The part I am wondering about is this: "by default the TLS parameters from a ldap.conf(5) configuration file will be used. TLS settings may be specified here, in which case any ldap.conf(5) settings will be completely ignored"
So i do have a valid /etc/ldap.conf which contains references to TLS cert and stuff, why do i need more settings in slapd.conf? Reason I am asking is when i add this, in the syncrepl section, it fails saying unknown directive:
[starttls=yes|critical] [tls_cacert=<file>]
For info, this is my ldap.conf:
BASE dc=example, dc=com URI ldaps://masterldap.example.com:636/ TLS_CACERT /etc/ldap/cert/cacert.pem TLS_REQCERT demand
Cheers, Steph