From c804bb3728e8ada82c3b9542a3263e524b90100d Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Wed, 19 Jan 2005 09:47:46 +0000
Subject: [PATCH] ITS#3293 add description of syncrepl starttls keyword

---
 doc/man/man5/slapd.conf.5 | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 1a005a1715..617b6e902e 100644
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -1410,6 +1410,7 @@ with the inner suffix must come first in the configuration file.
 .B [sizelimit=<limit>]
 .B [timelimit=<limit>]
 .B [schemachecking=on|off]
+.B [starttls=yes|critical]
 .B [bindmethod=simple|sasl]
 .B [binddn=<dn>]
 .B [saslmech=<mech>]
@@ -1484,6 +1485,13 @@ The schema checking can be enforced at the LDAP Sync
 consumer site by turning on the
 .B schemachecking
 parameter. The default is off.
+The
+.B starttls
+parameter may be used to specify use of the StartTLS extended operation
+to establish a TLS session before Binding to the provider. If the
+.B critical
+argument is supplied, the session will be aborted if the StartTLS request
+fails. Otherwise the syncrepl session continues in the clear.
 A
 .B bindmethod
 of 
-- 
2.39.5