I don't have PTR on my DNS, but I continue to look that way and I found the
reason.
When I put a "new replication agreement", I made a mistake with the
consumer name, I put "labbis.go.local" and I just have to put
"labbis".
Thanks a lot Grzegorz Dwornicki !
Have a good day !
2013/4/10 Grzegorz Dwornicki <gd1100(a)gmail.com>
Do you have a PTR record on windows DNS? I had read somewhere that
ssl
checks forward and backwards queries. Altrough I didn't check it... The
other possibility is as small as one character error in certificate vs name
resolution.
10 kwi 2013 13:36, "alexandre" <axel0felix(a)gmail.com> napisał(a):
Hello,
>
> Thanks Grzegorz Dwornicki.
>
> I found the solution, but someone can explain me why this option gave me
> an error.
>
> I uncheck the box "Check hostname against name certificate for outboun
> SSL connections" in the "Encryption" tab (on both server side).
>
> Just to exemple, I have one server name "lab.go.local" and the second
> server name is "labbis.go.local".
> May be because I don't put all information in my "/etc/hosts" but I use
a
> Windows DNS to resolve.
>
> Many thanks,
> Alex
>
>
> 2013/4/10 Grzegorz Dwornicki <gd1100(a)gmail.com>
>
>>
>>
https://access.redhat.com/site/documentation/en-US/Red_Hat_Directory_Serv...
>>
>> Please look in this doc and increase the log verbosity. This might help.
>> 10 kwi 2013 13:15, "alexandre" <axel0felix(a)gmail.com>
napisał(a):
>>
>>> Hi,
>>>
>>> I'm having problem with my multi-master replication.
>>>
>>> I have on 389DS server in multi-master replication with a Windows DC
>>> (everything work fine).
>>>
>>> I try to put another 389DS in multi-master replication over startTLS
>>> (just to have redundancy).
>>>
>>> When I do the consumer initialization i've got this error:
>>>
>>> The consumer initializatiion has unsuccessfully completed. The error
>>> received by the replica is: -11 - System error.
>>>
>>> When I go to the /var/log/dirsrv/slapd-389ds/errors:
>>>
>>> slapi_ldap_bind - Error: could not send startTLS request: error -11
>>> (Connect error)
>>>
>>>
>>>
>>> Just an indication, I went in "manage certificate" on both 389DS
server
>>> and I put the server cert and the CA cert, do I miss something ?
>>>
>>> Thanks,
>>> Alex
>>>
>>>
>>> --
>>> 389 users mailing list
>>> 389-users(a)lists.fedoraproject.org
>>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>>>
>>
>> --
>> 389 users mailing list
>> 389-users(a)lists.fedoraproject.org
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>
>
> --
> 389 users mailing list
> 389-users(a)lists.fedoraproject.org
>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users