Hi I have tried to follow http://directory.fedoraproject.org/docs/389ds/howto/howto-walkthroughmultimasterssl.html#set-up-multi-master-replication to setup a multimaster setup with 389 LDAP servers. I have 2 servers and I have clients connected to both using SSL to authenticate. Both servers are from the same certificate chain.
When I try and set up the replication agreement between the LDAP instances I get an error "Consumer server unreachable or invalid credentials supplied. Unable to perform subtree duplication verfication." At this point I have followed the instructions and have a consumer with 636 use TLS/SSL selected and the correct simple bind DN set to cn=replication manager, cn=config. If I ignore this message and continue and try and initialize the agreement I see errors under /var/log/dirsrv/sldapd-xxxx/ SSL connection from x.x.x.x to x.x.x.x closed peer cannot verify your certificate. Now as I am using simple bind does it still need to use certificates? and if both are from the same CA should this just work? -- 389-users mailing list 389-users@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
