Re: Upgrading from 2.4.26 to 2.4.41: Stricter checks prevent startup?
On 10/25/18 8:59 AM, Ulrich Windl wrote:
As we do not actually use ldaps for replication that second line
could be dropped easily
As a side note:
You should really use LDAPS or LDAP with StartTLS ext.op. for
replication. Otherwise a MITM attacker could trick a replica into
delivering false data to clients.
Are you using StartTLS in syncrepl statement?
Ciao, Michael.
Attachments:
- smime.p7s (application/pkcs7-signature — 3.7 KB)