389-ds-base

Clone
Source Code
GIT

#49063 repl-monitor.pl fails to connect when agreement is configured under ssl.
Closed: wontfix 7 years ago Opened 7 years ago by mreynolds.

Closed: wontfix
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1356226

Description of problem:

I am not sure if I am using repl-monitor.pl in a wrong way. But from my
understanding, either we use it simplest as possible like this:

repl-monitor.pl -s -c ipanew:389 -w secret12

and the current instance in 389 port has a replication agreement like this:

dn: cn=torhel6,cn=replica,cn=dc\3Dmyexample\2Cdc\3Dcom,cn=mapping
tree,cn=config
objectClass: top
objectClass: nsDS5ReplicationAgreement
cn: torhel6
nsDS5ReplicaHost: ipaclient.example.com
nsDS5ReplicaRoot: dc=myexample,dc=com
nsDS5ReplicaPort: 636
nsDS5ReplicaTransportInfo: SSL
nsDS5ReplicaBindDN: cn=replication manager,cn=config
nsDS5ReplicaBindMethod: SIMPLE
nsDS5ReplicaCredentials: secret12

it seems the server "ipaclient.example.com:636" is added to the list of servers
and in

sub get_replicas
{
....
....
        $conn = new Mozilla::LDAP::Conn ($host, $shadowport, "$binddn",
$bindpwd, $bindcert);

....
....


the connection is done with the right host and port but the bind cert is empty.

So, the connection hangs.

It seems to be the same if I use "-f file" with the connections to the server
usingport 389 because it's still browsing the agreemnts (from what I have seen)
and trying to use the host and port defined in the agreement.

Perhaps I am not using the script as expected ?

Please, feel free to close this bug if it's the case.



Version-Release number of selected component (if applicable):

389-ds-base-1.3.4.0-30.el7_2.x86_64



How reproducible:

it's shown in description.

Metadata Update from @mreynolds:
- Issue set to the milestone: 1.3.6.0
7 years ago

Metadata Update from @mreynolds:
- Issue assigned to mreynolds
7 years ago

This works if you specify the secure port and certificate directory in connection details

Metadata Update from @mreynolds:
- Custom field reviewstatus adjusted to new
- Issue close_status updated to: invalid
- Issue status updated to: Closed (was: Open)
7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2122

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: invalid)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
major
new
Community
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.