>> " Error reading data from server server.gluu.com:4444. There is an error with
the certificate presented by the server.
Details: simple bind failed: server.gluu.com:4444"
Never seen such an error before...
Anyway, some points about replication of two Gluu Servers:
* Check whether those servers can talk to each other on the replication port (generally 8989) and on 4444.
* Certificate, LDAP configurations, IDP configurations, even public hostnames should be the same on both servers.
>> I guess that the certificate of the first server should be imported into the keystore of the second server. If this is correct, could you tell me which certificate should be imported in which keystore?
The keystore (cacerts) is available in /etc/pki/java. But I doubt importing the second server's OpenDJ cert will resolve your problem.
There are a bunch of certificates in Gluu Servers; all of them are stored inside /etc/certs:
* asimba.crt, asimba.csr, asimba.key, asimba.key.orig, asimba.pkcs12 and asimbaIDP.jks: These are associated with the Asimba Proxy Server. If you install the SAML Proxy Server (Asimba) in your Gluu Server, you have to deal with these certs and keys.
* httpd.crt, httpd.csr, httpd.key, httpd.key.orig: These are the Apache SSL related cert and key. Don't worry about the CSR and .key.orig here if you want to update your Apache SSL cert. Just follow the doc which I provided you before.
* opendj.crt: This cert is being used by Gluu Server's internal Gluu-LDAP.
* oxauth-web-keys.json: This key is used by Gluu Server's OpenID Connect Server.
* shibIDP.crt, shibIDP.csr, shibIDP.jks, shibIDP.key, shibIDP.key.orig, shibIDP.pkcs12: These are required if you use Gluu Server's Shibboleth SAML server for any kind of SAML transactions.
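
Added example (not part of the original reply and not Gluu's own tooling): a small Python check, run on one server against the other, that tests the two ports mentioned above and compares the certificate presented on 4444 with the local /etc/certs/opendj.crt. It assumes the listener on 4444 starts TLS immediately and presents the OpenDJ certificate; the function names and the script name are hypothetical.

```python
import hashlib
import socket
import ssl
import sys

PORTS = (4444, 8989)                   # ports named in the reply above
OPENDJ_CERT = "/etc/certs/opendj.crt"  # path named in the reply above


def port_open(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def pem_fingerprint(pem_text):
    """SHA-256 over the DER bytes of a PEM certificate (ignores line wrapping)."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem_text.strip())).hexdigest()


def presented_fingerprint(host, port=4444, timeout=5.0):
    """SHA-256 of the certificate the peer presents; assumes TLS starts immediately."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # fetch only, so it can be compared;
    ctx.verify_mode = ssl.CERT_NONE  # nothing is sent over this connection
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return hashlib.sha256(tls.getpeercert(binary_form=True)).hexdigest()


def check_peer(host, local_pem_text):
    """Reachability of both ports plus whether the peer's 4444 cert equals ours."""
    result = {"host": host, "ports": {p: port_open(host, p) for p in PORTS}}
    if result["ports"][4444]:
        try:
            result["same_cert"] = presented_fingerprint(host) == pem_fingerprint(local_pem_text)
        except OSError as exc:       # ssl.SSLError is a subclass of OSError
            result["tls_error"] = str(exc)
    return result


if __name__ == "__main__":
    # Usage: python3 check_peer.py <other-server-hostname>  (script name is hypothetical)
    with open(OPENDJ_CERT) as fh:
        print(check_peer(sys.argv[1], fh.read()))
```

A `False` under `ports` points at firewalling between the servers; `same_cert: False` means the two servers are not using the same OpenDJ certificate.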