On Fri, Mar 26, 2010 at 3:18 PM, Howard Chu <[email protected]> wrote: > Chris Jacobs wrote: >> >> There's one sure fire way to find out... >> >> Start it up with a syncrepl, then move the private key, and see if it >> syncs fine both ways. >> >> Wait a day or so, and make a change and see if that synced. >> >> If I had to put a dollar on it, if guess that it doesn't need the key >> after
true, but i thought a quick email to the list would have given me a quick yeah or nay.. > > startup. I could be horribly wrong though - I'm not a dev, just a user of > the > software. > > It probably depends on which crypto library you built with. I'm pretty sure > OpenSSL and GnuTLS cache the PEM credentials in memory. Not sure what MozNSS > does. And of course, if you're paranoid, you can build these libraries to > use smart tokens and leave the credentials there instead. built with gnutls (debian build) Thanks >> >> :) >> >> - chris >> [snip] > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ >
