Table of Contents
Advertisement
Replication Over SSL
If you want the update operation to occur over an SSL connection, you must
modify the
and values. For more information on the
"Managing Entries From the Command Line," on page 50 and Netscape Directory
Server Configuration, Command, and File Reference.
Replication Over SSL
You can configure Directory Servers involved in replication so that all replication
operations occur over an SSL connection.
To use replication over SSL, you must first do the following:
•
Configure both your supplier and consumer servers to use SSL.
•
Configure your consumer server to recognize your supplier server's certificate
as the supplier DN. You do this only if you want to use SSL client
authentication rather than simple authentication.
These procedures are described in Chapter 11, "Managing SSL."
NOTE
When your servers are configured to use SSL, you can ensure replication
operations occur over SSL connections by using the:
•
Replication Wizard, when you set up the replication agreement between two
Directory Servers.
•
Directory Server Console, at any time after the initial replication agreement
was configured.
316
Netscape Directory Server Administrator's Guide • May 2002
command in the script with the appropriate parameters
ldapmodify
Replication configured over SSL with certificate-based
authentication will fail in the following cases:
•
If the supplier's certificate is a self-signed certificate.
•
If the supplier's certificate is only capable of behaving as an SSL
server certificate, that is, unable to play the role of the client
during an SSL handshake.
command, refer to
ldapmodify
Advertisement
Table of Contents
