On 05/06/2017 02:56 AM, Real, Elizabeth (392K) wrote:
Hey guys,
I’m running multi-master OpenLDAP (version 2.4.40) servers and need to secure replication. Can you point me to where I can find that information? What I found online is old and does not apply to the version I’m running.
The olcSyncRepl directive on both systems needs to go from: olcSyncRepl: rid=001 provider=ldap to: olcSyncRepl: rid=001 provider=ldaps
Thank you, Liz
Hi,
First you'll need to generate ssl certificates and enable tls/ssl on your services.
After it is done you can use ldaps:// uri with tls parameters to point to the provider/consumer servers.
This is discussed in multiple places, in addition to official openldap admin guide just google your favorite linux distribution with openldap tls.