ZCS 7.0, replica ldap server on a different box.

On the replica:

Mar 2 15:16:06 mxbu1 slapd[2006]: slap_client_connect: URI=ldap://my.masterldap.com:389 Error, ldap_start_tls failed (-11)

I can connect manually to it, e.g.:

ldapsearch -ZZ -x -H ldap://my.masterldap.com:389/ -D "uid=zimbra,cn=admins,cn=zimbra" -b "" -s base -W +

And entering the password.

Yet those entries show up in the logs, and my replica is out of sync with the master.

I cannot find any documentation relevant to 7.0 that lays out which portions of the cert need to be moved over to the replica (and the steps for doing so) to solve this.

Any clues, please lend some help.