Dear List,
I'm using N-Way multimaster replication with 2 servers (I will use it on 30
servers soon). Each server is using its own certificate, so the content of
TLSCertificateFile and TLSCertificateKeyFile is different in the cn=config
of each of them.
My problem is that cn=config is replicated on all servers, including
TLSCertificateFile and TLSCertificateKeyFile... therefore the replication
is obviously not working (the certificate and key path of the first server are
replicated on the second server).
I know there are some solutions to work around this "issue", like:
- Don't replicate cn=config
- Use the same certificate and key for all servers
- Use the same certificate and key path in cn=config (ex:
/etc/openldap/cert/common_cert_name.pem and
/etc/openldap/cert/common_cert_name.key) and then make symlinks to the
correct files on the local server
but I would avoid this type of solution if possible, so I would like to
know if there is a solution to avoid replicating TLSCertificateFile and
TLSCertificateKeyFile, or another trick?
Thank you in advance for any response,
Best regards,
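
The third workaround listed in the message above (shared file names in cn=config, symlinked to each server's own files), sketched as an added example that is not part of the original post. The per-host naming `<host>.pem` / `<host>.key` and the function name are assumptions; only the `common_cert_name.*` names come from the message.

```shell
#!/bin/sh
# Added example: point the shared names referenced by a replicated
# cn=config at this server's own certificate and key.
# Assumption: per-host files are named <host>.pem and <host>.key.

# link_local_cert CERT_DIR HOST
# Returns 0 on success, 1 if a per-host file is missing,
# 2 if the private key is accessible to group or other.
link_local_cert() {
    cert_dir=$1
    host=$2
    cert="$cert_dir/$host.pem"
    key="$cert_dir/$host.key"

    # Both per-host files must exist before any link is changed.
    [ -f "$cert" ] && [ -f "$key" ] || return 1

    # Characters 5-10 of the ls mode string are the group and other
    # permission bits; a private key must have none of them set.
    mode=$(ls -ld "$key" | cut -c5-10)
    [ "$mode" = "------" ] || return 2

    # Relative targets keep the links valid if CERT_DIR is moved.
    ln -sf "$host.pem" "$cert_dir/common_cert_name.pem" || return 1
    ln -sf "$host.key" "$cert_dir/common_cert_name.key" || return 1
    return 0
}

# Typical call on each server (path taken from the message):
#   link_local_cert /etc/openldap/cert "$(hostname -f)"
```

Each private key stays on its own server with owner-only permissions; only the link names are identical across the replicated configuration.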