The SSL client (in this case, the replication supplier) still needs to
verify the SSL server (in this case, the replication consumer)
certificate in order for SSL to work. It should be sufficient for the
supplier to have the certificate of the CA that issued the consumer's
certificate in its cert db.
Hi, all. Trying to setup replication over SSL, without certificates.
In the UI, I said "Simple
Authentication.", gave it the bind dn & password. (The name/pass pair work fine
replication is used.)
Anyway, in the consumer log, I see this:
[18/Jan/2006:11:50:56 -0500] conn=66 fd=72 slot=72 SSL connection from 188.8.131.52 to
[18/Jan/2006:11:50:56 -0500] conn=66 op=-1 fd=72 closed - SSL peer cannot verify your
What's the deal? Why is it trying to verify certs???
on the supplier, I see this:
[18/Jan/2006:11:44:47 -0500] NSMMReplicationPlugin - agmt="cn=main"
(cnjldap01:636): Simple bind
failed, LDAP sdk error 81 (Can't contact LDAP server), Netscape Portable Runtime error
How come it failed??
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
Fedora-directory-users mailing list