coma wrote:
My problem is that cn=config is replicated on all servers, including TLSCertificateFile and TLSCertificateKeyFile... therefore the replication is obviously not working (the certificate and key path of the first server are replicated on the second server).
I know there are some solutions to work around this "issue", like:
- Don't replicate cn=config
- Use the same certificate and key for all servers
- Use the same certificate and key path in cn=config (ex: /etc/openldap/cert/common_cert_name.pem and /etc/openldap/cert/common_cert_name.key) and then make symlinks to the correct files on the local server
..or directly place the correct files to the same certificate and key path.
Yes, that's what ansible/puppet/chef/name-your-favourite-config-management-tool is for.
Ciao, Michael.
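
The common-path workaround discussed above, as an added example that is not part of the original thread: a shell function that links a server's own certificate and key to the shared names that the replicated cn=config points at. The per-host source layout (`<host>.pem` and `<host>.key` in one directory) and the function name `link_host_tls` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed (hypothetical) layout:
#   $src_dir/<host>.pem  and  $src_dir/<host>.key
# Result: $dest_dir/common_cert_name.pem and .key are symlinks to them,
# so every replica can share the same TLSCertificateFile and
# TLSCertificateKeyFile values in cn=config.

link_host_tls() {
    src_dir=$1                      # directory holding the per-host files
    host=$2                         # name of this server
    dest_dir=$3                     # e.g. /etc/openldap/cert
    base=${4:-common_cert_name}     # shared file name used in cn=config

    cert="$src_dir/$host.pem"
    key="$src_dir/$host.key"

    # Fail before touching the destination if either file is absent,
    # so an existing working link is never replaced by a dangling one.
    [ -f "$cert" ] || { echo "missing certificate: $cert" >&2; return 1; }
    [ -f "$key" ]  || { echo "missing key: $key" >&2; return 1; }

    # Refuse a private key that group or others can access.
    # Columns 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ldL "$key" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "key $key is accessible to group/other, fix its mode" >&2
        return 2
    fi

    mkdir -p "$dest_dir" || return 1
    ln -sf "$cert" "$dest_dir/$base.pem" || return 1
    ln -sf "$key"  "$dest_dir/$base.key" || return 1
}

# Typical call on each server (paths are examples):
#   link_host_tls /etc/openldap/cert/hosts "$(hostname)" /etc/openldap/cert
```
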