FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora Directory

 
 
LinkBack Thread Tools
 
Old 05-18-2011, 02:35 PM
solarflow99
 
Default replication with ssl

I just wonder why i'm getting: RESULT err=2 when I try to use replication over simple SSL.* The replication agreement works when I use ldap with no encryption, but when I select SSL encryption with ldap it just gives that error.* I'm not looking to use certificates, just simple bind DN/password.

*


--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-18-2011, 03:26 PM
Rich Megginson
 
Default replication with ssl

On 05/18/2011 08:35 AM, solarflow99 wrote:
I just wonder why i'm getting: RESULT err=2 when I try
to use replication over simple SSL.* The replication agreement
works when I use ldap with no encryption, but when I select SSL
encryption with ldap it just gives that error.* I'm not looking to
use certificates, just simple bind DN/password.


What platform?* What version of 389-ds-base?* What does it say in
the errors log?

What replication configuration did you do to use SSL?

Have you installed the CA cert?

*





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-18-2011, 04:28 PM
solarflow99
 
Default replication with ssl

This is the latest: 389-ds-base-1.2.8.2-1.el5* I think its something
simple, since I have it working, but just not over startTLS on port
389.* When I change the replication agreement to: use StartTLS, the
replication status shows:* LDAP error: Protocol Error. Error code: 2


The docs didn't say much about this, can't dirsrv use default certs from /etc/pki like apache ssl and ssh use for this?*


Thanks,


On Wed, May 18, 2011 at 11:26 AM, Rich Megginson <rmeggins@redhat.com> wrote:







On 05/18/2011 08:35 AM, solarflow99 wrote:
I just wonder why i'm getting: RESULT err=2 when I try
to use replication over simple SSL.* The replication agreement
works when I use ldap with no encryption, but when I select SSL
encryption with ldap it just gives that error.* I'm not looking to
use certificates, just simple bind DN/password.


What platform?* What version of 389-ds-base?* What does it say in
the errors log?

What replication configuration did you do to use SSL?

Have you installed the CA cert?

*




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users







--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 
Old 05-18-2011, 04:49 PM
Rich Megginson
 
Default replication with ssl

On 05/18/2011 10:28 AM, solarflow99 wrote:
This is the latest: 389-ds-base-1.2.8.2-1.el5* I think
its something simple, since I have it working, but just not over
startTLS on port 389.* When I change the replication agreement to:
use StartTLS, the replication status shows:* LDAP error: Protocol
Error. Error code: 2



The docs didn't say much about this, can't dirsrv use default
certs from /etc/pki like apache ssl and ssh use for this?*


No.* 389 doesn't use the nsspem module that reads openssl/pem style
cert files/directories like apache mod_ssl and others.



See http://directory.fedoraproject.org/wiki/Howto:SSL and
http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/8.2/html-single/Administration_Guide/index.html#Managing_SSL
and





Thanks,





On Wed, May 18, 2011 at 11:26 AM, Rich
Megginson <rmeggins@redhat.com>
wrote:



On 05/18/2011 08:35 AM, solarflow99 wrote:
I just wonder why i'm getting:
RESULT err=2 when I try to use replication over simple
SSL.* The replication agreement works when I use ldap
with no encryption, but when I select SSL encryption
with ldap it just gives that error.* I'm not looking to
use certificates, just simple bind DN/password.



What platform?* What version of 389-ds-base?* What does it
say in the errors log?

What replication configuration did you do to use SSL?

Have you installed the CA cert?

*




--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users










--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users





--
389 users mailing list
389-users@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users
 

Thread Tools




All times are GMT. The time now is 06:22 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org