Hello, ok thank you. Just wanted to know if there was an alternative, now I know there are none! I will do as Quanah and you said.
Thanks again for for your responsiveness! 2014-12-09 20:55 GMT+01:00 Michael Ströder <[email protected]>: > coma wrote: > > My problem is that cn=config is replicated on all servers, including > > TLSCertificateFile and TLSCertificateKeyFile... therefore the replication > > obviously not working (the certificate and key path of the first server > are > > replicated on the second server). > > > > I know there is some solutions to workaround this "issue", like: > > - Don't replicate cn=config > > - Use the same certificate and key for all servers > > - Use the same certificate and key path in cn=config (ex: > > /etc/openldap/cert/common_cert_name.pem and > > /etc/openldap/cert/common_cert_name.key) and then make symlinks to the > > correct files on the local server > > ..or directly place the correct files to the same certificate and key path. > > Yes, that's what > ansible/puppet/chef/name-your-favourite-config-management-tool > is for. > > Ciao, Michael. > >
