On Mon, Jan 21, 2008 at 08:20:49PM +0100, Dieter Kluenter wrote:
Hi,
Alex Samad alex@samad.com.au writes:
On Mon, Jan 21, 2008 at 06:12:33AM +0100, Emmanuel Dreyfus wrote:
Howard Chu hyc@symas.com wrote:
[snip]
I am trying to find out if it is possible to use a different
certificate
for the syncrepl process, but I can't find it. Maybe its in saslmech option.
You may use the sasl external mechanism and create a certificate with a DN matching the bindDN (although you don't have to define a binddn).
Yep I have this setup. Seems like there is a bit of difference between 2.3 and 2.4. I am on Debian etch, which is currently on 2.3. In 2.4 there are provisions to specify the cert actually used for the syncrepl connection! This doesn't seem to be possible in 2.3
-Dieter
-- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:8EF7B6C6