How to make sync_client invoke STARTTLS for replication

Rudy Gevaert Rudy.Gevaert at
Fri May 28 09:09:47 EDT 2010

Hello Wesley,

On Wed, May 26, 2010 at 11:52:01AM -0400, Wesley Craig wrote:

> >Has anybody been able to fix this?
> Define "fix".

Well I meant, using enforcing TLS.  For now I set allowplaintext, but
would prefer not too.

>  If you have allowplaintext set, there's no reason to
> use TLS.  If you don't have allowplaintext, there are bugs in 2.3.16
> that prevent it from working.  See:
> There are other configurations that don't work, either.  For
> example, if you configure sync_client to use a list of mechs, those
> mechs aren't compared to the mechs offered by sync_server.  See:
> If you have feedback on either of these, I'm listening and
> committing improvements.  Maybe you're trying to get TLS while using
> some other form of strong crypto?

Thanks, for replying.  But I'm not sure what you are saying with the
above patches.  

So I can't sync_client over TLS (and SSL) to work for now?


More information about the Info-cyrus mailing list