Re: [389-users] duplicate existing ssl crenentials on another server ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



you must create a certificate with additional hostnames with -8 option.

you can view an example here:

http://docs.sun.com/app/docs/doc/819-5899/6n7uuth9p?l=en&n=1&a=view


----- Missatge original -----
> Hello,
> 
> After having read through the Howto:SSL document on the 389 wiki, i
> went ahead and set up SSL for my master instance - it works great, and
> i couldn't be happier. :)
> 
> I have a slave set up to do read-only replication from the master ;
> now, the wiki document has information on how to integrate the
> certificate into a slave so that the replication can occur over SSL,
> which i'll no
> doubt do, but that's not what i'm looking for advice on now.
> 
> What i'm interested in is actually duplicating the new SSL setup that
> currently exists on the master. I realise that this sounds funny, but
> the reason is simple : in our environment, all of the clients and
> LDAP-aware applications are configured to send requests to a given
> hostname (which is not the base FQDN of the LDAP server - it's
> another, separate hostname entirely). If the master goes down, the
> slave automatically has this separate hostname assigned to it.
> 
> (Put another way, it's a sort of poor-man's failover. It's far from
> perfect, and everybody knows it, but that's what's there, so for now
> we live with it. :P )
> 
> What i would appear to need, therefore, is to have the slave be able
> to respond to incoming SSL requests with exactly the same credentials
> as the master. Is this even possible, and if so, how would i got about
> doing it ?
> 
> Thank you, all.
> 
> 
> -- Daniel Maher <dma + 389users AT witbe DOT net>
> -- 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users


[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux