Comment 18 for bug 1688575

Hi Andreas,

here are my syncprov and syncrepl configurations:

dn: olcOverlay={0}syncprov,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 5 5

dn: olcOverlay={0}syncprov,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 5 5

olcSyncrepl: rid=201 provider=ldap://master.example.com bindmethod=sasl
 timeout=0 network-timeout=0 saslmech=GSSAPI realm=EXAMPLE.COM keepalive=0
 :0:0 starttls=yes tls_cert="/etc/ssl/certs/slave.pem" tls_key=
 "/etc/ssl/private/slave.key" tls_cacert="/etc/ssl/certs/ca-cer
 tificates.crt" tls_reqcert=demand tls_cipher_suite=NORMAL:-VERS-SSL3.0:-VER
 S-TLS-ALL:+VERS-TLS1.2:-CIPHER-ALL:-SHA1:-MD5:-RSA:+AES-256-CBC:+CAMELLIA-2
 56-CBC:+AES-128-CBC:+RSA filter="(objectclass=*)" searchbase="dc=example,dc=com" s
 cope=sub schemachecking=off type=refreshAndPersist retry="5 10 15 +"

olcSyncrepl: rid=202 provider=ldap://master.example.com bindmethod=sasl
 timeout=0 network-timeout=0 saslmech=GSSAPI realm=EXAMPLE.COM keepalive=0
 :0:0 starttls=yes tls_cert="/etc/ssl/certs/slave.pem" tls_key=
 "/etc/ssl/private/slave.key" tls_cacert="/etc/ssl/certs/ca-cer
 tificates.crt" tls_reqcert=demand tls_cipher_suite=NORMAL:-VERS-SSL3.0:-VER
 S-TLS-ALL:+VERS-TLS1.2:-CIPHER-ALL:-SHA1:-MD5:-RSA:+AES-256-CBC:+CAMELLIA-2
 56-CBC:+AES-128-CBC:+RSA filter="(objectclass=*)" searchbase="ou=db2"
 scope=sub schemachecking=off type=refreshAndPersist retry="5 10 15 +"

krb5-kdc 1.13.2+dfsg-5ubuntu2
libsasl2-modules-gssapi-mit:amd64 2.1.26.dfsg1-14build1