I'm having a lot of trouble with replication when using SSL. If I configure everything exactly the same without SSL, it works flawlessly. The instant I try to encrypt traffic, one or both servers will deadlock, even after restart.

I'm configuring according to the instructions at http://www.openldap.org/doc/admin24/replication.html#N-Way Multi-Master, except using ldaps:// instead of ldap://.

In cn=config, I've setup:

olcTLSCACertificateFile: /etc/openldap/certs/Operations_CA_Certificate.pem

olcTLSCertificateFile: /etc/openldap/certs/ldap.pem

olcTLSCertificateKeyFile: /etc/openldap/certs/ldap.key

I've also tried using STARTTLS over ldap:// and it seems to make no difference.

Permissions are right and I can connect via SSL from clients without issue.

I'm completely stumped as to what might be going on. Has anyone seen this before?

This is running on Scientific Linux 6 with the following packages:

openldap-2.4.23-32.el6_4.x86_64

openldap-clients-2.4.23-32.el6_4.x86_64

openldap-servers-2.4.23-32.el6_4.x86_64