In case anyone else has this problem and had the same chair/keyboard breakdown I had,
I'd overwritten my ldap.conf file when I reinstalled and syncrepl (on the client side at least) would seem to get its CA info from the /usr/local/etc/openldap/ldap.conf file rather than the TLSCACertificateFile option in slapd.conf.
Oh dear :-(
On a related note, while the man page still mentions starttls for syncrepl, the online admin guide doesn't: http://www.openldap.org/doc/admin24/slapdconfig.html#syncrepl. Is this a hint to get people using SASL instead of simple?
No, they just need updating. I've just filed a ticket for myself:
http://www.openldap.org/its/index.cgi/Documentation?id=5425
Thanks,
Gavin.