Greetings,
I am learning to configure/use openldap. I have a question regarding database replication. I have a primary openldap server. I prepared/installed openssl certificates for the server, and the slapd.conf has these lines:
#--- Define SSL and TLS properties
TLSCertificateFile /etc/certs/ldap1stServerCert.pem
TLSCertificateKeyFile /etc/certs/ldap1stServerKey.pem
TLSCACertificateFile /etc/certs/cacert.pem
#---if client authentication is/isNOT required
TLSVerifyClient demand
I want to replicate the database over two other hosts. Call these 2ndServer and 3rdserver. Both of these computers ALSO have ssl certificates in /etc/certs like so:-
#### in 2nd ldap host
/etc/certs/ldap2ndServerCert.pem
/etc/certs/ldap2ndServerKey.pem
/etc/certs/cacert.pem

#### in 3rd ldap host
/etc/certs/ldap3rdServerCert.pem
/etc/certs/ldap3rdServerKey.pem
/etc/certs/cacert.pem
As regards these certificates (the fact that they are not the same), I would like to know what happens when I try to do replication. I am following the guides 18.3.1.1. Syncrepl configuration (http://www.openldap.org/doc/admin24/replication.html) and 18.3.2. Delta-syncrepl (also from http://www.openldap.org/doc/admin24/replication.html).
(In other words, is it best to remove the certificates and install after replication or whatever?)
Thanks in advance
Sincerely,
LuxInteg