Here is my /etc/openldap/ldap.conf:
# The distinguished name of the search base.
base dc=XX,dc=XX,dc=com
URI ldaps://XX.XX.com
TLS_CACERT /etc/pki/tls/certs/bundle.crt
TLS_REQCERT demand
We do not have the TLS_CACERTDIR listed, however it always worked without it, and we have other slaves which are working fine without it (since its managed through puppet).
It would appear that the masters only seem to be affected by this issue. The slaves have no issues at the moment.
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
No comments:
Post a Comment