25 Oct
2018
25 Oct
'18
7:11 a.m.
On 10/25/18 8:59 AM, Ulrich Windl wrote:
As we do not actually use ldaps for replication that second line could be dropped easily
As a side note:
You should really use LDAPS or LDAP with StartTLS ext.op. for replication. Otherwise a MITM attacker could trick a replica into delivering false data to clients.
Are you using StartTLS in syncrepl statement?
Ciao, Michael.