Hi,

I am configuring TLS for syncrepl, but the consumer is not reading any updates from the server. Without TLS the configuration was working fine. Please let me know where I am going wrong.

On the client, my configuration files are as follows:

slapd.conf

access to attrs=userPassword
      by self write
      by users read
      by anonymous auth

access to attrs=shadowLastChange
      by self write
      by * auth

access to *
      by * read

moduleload syncprov.la

syncrepl rid=124
                provider=ldaps://smalldevonly.comverse-in.com:389
                type=refreshOnly
                interval=00:00:01:00
                searchbase="dc=comverse-in,dc=com"
                filter="(objectClass=top)"
                scope=sub
                attrs="cn,uidNumber"
                schemachecking=off
                bindmethod=simple
                binddn="cn=Manager,dc=comverse-in,dc=com"
                credentials=sonora

updateref       ldaps://smalldevonly.comverse-in.com

/etc/ldap.conf

uri ldaps://smalldevonly.comverse-in.com ldaps://dtr98.comverse-in.com
base dc=comverse-in,dc=com
ssl start_tls
ssl on
tls_cacertfile /etc/openldap/cacerts/cacert.pem
tls_cacertdir /etc/openldap/cacerts

/etc/openldap/ldap.conf

BASE dc=comverse-in,dc=com
URI ldaps://smalldevonly.comverse-in.com/ ldaps://dtr98.comverse-in.com

TLS_CACERT    /etc/openldap/cacerts/cacert.pem
TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT     allow

Thanks and Regards,
Naga Chaitanya
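
A small lint for the kinds of settings that appear in the configuration above, as an added example that is not part of the original message: it flags an LDAP URI whose explicit port is the other scheme's conventional port, an nss-style ldap.conf that sets both "ssl on" and "ssl start_tls", and a TLS_REQCERT level that lets the session continue with an unverified server certificate. The host provider.example.com, the sample text and the function names are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit

# Conventional ports: ldap:// (plain or StartTLS) is 389, ldaps:// is 636.
DEFAULT_PORT = {"ldap": 389, "ldaps": 636}

# Constructed sample input; provider.example.com is a placeholder host.
SAMPLE_SLAPD = 'syncrepl rid=124\n    provider=ldaps://provider.example.com:389\n    type=refreshOnly\n'
SAMPLE_LDAP_CONF = "uri ldaps://provider.example.com\nssl start_tls\nssl on\nTLS_REQCERT allow\n"

def uri_findings(text):
    """Flag LDAP URIs whose explicit port is the other scheme's usual port."""
    out = []
    for uri in re.findall(r"ldaps?://[^\s\"']+", text):
        parts = urlsplit(uri)
        other = "ldap" if parts.scheme == "ldaps" else "ldaps"
        try:
            port = parts.port
        except ValueError:  # non-numeric or out-of-range port
            out.append(f"{uri}: port is not a valid number")
            continue
        if port == DEFAULT_PORT[other]:
            out.append(f"{uri}: {parts.scheme}:// on port {port}, the usual "
                       f"{other}:// port; check what the provider listens for there")
    return out

def directive_values(text, name):
    """Lower-cased first argument of each 'name value' line, comments skipped."""
    values = []
    for line in text.splitlines():
        words = line.split("#", 1)[0].split()
        if len(words) >= 2 and words[0].lower() == name.lower():
            values.append(words[1].lower())
    return values

def tls_findings(text):
    """Flag conflicting 'ssl' modes and non-fatal certificate checking."""
    out = []
    if {"on", "start_tls"} <= set(directive_values(text, "ssl")):
        out.append("both 'ssl on' (LDAPS) and 'ssl start_tls' are set; keep one")
    for level in directive_values(text, "TLS_REQCERT"):
        if level in ("never", "allow"):
            out.append(f"TLS_REQCERT {level}: the session continues even if "
                       "the server certificate cannot be verified")
    return out

if __name__ == "__main__":
    for finding in uri_findings(SAMPLE_SLAPD) + tls_findings(SAMPLE_LDAP_CONF):
        print("WARN", finding)
```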