On 10/25/18 8:59 AM, Ulrich Windl wrote:
As we do not actually use ldaps for replication that second line
could be dropped easily
As a side note:
You should really use LDAPS or LDAP with StartTLS ext.op. for
replication. Otherwise a MITM attacker could trick a replica into
delivering false data to clients.
Are you using StartTLS in syncrepl statement?