--On Friday, June 23, 2017 8:30 AM +0000 Juergen.Sprenger@swisscom.com wrote:
> Have also added these entries to syncrepl now, but without any success:
>
> tls_cert=/etc/ssl/openldap/dannatu.ch.pem
> tls_key=/etc/ssl/openldap/dannatu.ch.key
> tls_cacert=/etc/ssl/certs/dannatuCA-cacert.pem

This would indicate you want to do client cert authentication with the syncrepl client, which as far as I know, you are not using (based on your earlier configuration). You need to remove the tls_cert and tls_key lines. I've tested with OpenLDAP 2.4.45 and TLS works as expected with replication.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
http://www.symas.com
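
The check described in the reply above, written out as an added example (not part of the original thread and not OpenLDAP code): it parses a syncrepl directive and reports tls_cert/tls_key entries when the bind is not certificate-based. The rid, provider, searchbase, binddn and credentials values are placeholders; only the three tls_* paths come from the thread.

```python
import shlex

# Constructed sample: the three tls_* paths are the ones quoted in the thread;
# every other value is a placeholder assumed for illustration.
SAMPLE = """
syncrepl rid=001
  provider=ldap://provider.example.com
  type=refreshAndPersist
  searchbase="dc=example,dc=com"
  bindmethod=simple
  binddn="cn=replicator,dc=example,dc=com"
  credentials=PLACEHOLDER
  starttls=critical
  tls_cert=/etc/ssl/openldap/dannatu.ch.pem
  tls_key=/etc/ssl/openldap/dannatu.ch.key
  tls_cacert=/etc/ssl/certs/dannatuCA-cacert.pem
"""

def parse_syncrepl(text):
    """Split one syncrepl directive (continuation lines included) into a dict."""
    tokens = shlex.split(text, comments=True)
    if not tokens or tokens[0].lower() != "syncrepl":
        raise ValueError("not a syncrepl directive")
    return {k.lower(): v for k, _, v in (t.partition("=") for t in tokens[1:])}

def client_cert_findings(opts):
    """Report client-certificate settings that do not match the bind method."""
    findings = []
    uses_external = (opts.get("bindmethod", "").lower() == "sasl"
                     and opts.get("saslmech", "").upper() == "EXTERNAL")
    present = [k for k in ("tls_cert", "tls_key") if k in opts]
    if present and not uses_external:
        findings.append("remove " + ", ".join(present)
                        + ": bind is not certificate-based")
    if uses_external and len(present) < 2:
        findings.append("SASL EXTERNAL bind needs both tls_cert and tls_key")
    return findings

def strip_client_cert(opts):
    """Return the options without the client certificate and key entries."""
    return {k: v for k, v in opts.items() if k not in ("tls_cert", "tls_key")}

if __name__ == "__main__":
    for finding in client_cert_findings(parse_syncrepl(SAMPLE)):
        print(finding)
```

The flag is a heuristic: a provider that itself demands client certificates would still need tls_cert and tls_key alongside a simple bind.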