[Pkg-openldap-devel] Bug#465170: ldap-utils: not working with encrypted private keys
Alex Samad
alex at samad.com.au
Mon Feb 11 02:50:49 UTC 2008
Package: ldap-utils
Version: 2.4.7-5
Severity: important
I recently moved from 2.3.x to 2.4 with the associated changes in SSL
libraries.
When I went to use ldapsearch with this .ldaprc
uri ldaps://ldap.hme1.samad.com.au
BINDDN "uid=alex,ou=People,dc=samad,dc=com,dc=au"
TLS_CERT /home/alex/.ssl/a.crt
TLS_KEY /home/alex/.ssl/a.pem
#TLS_KEY /home/alex/.ssl/a.une.pem
#TLS_KEY /home/alex/.ssl/a.p08
#
SASL_MECH external
It fails. After doing a strace on ldapsearch, it is reading the private
key file, but my pem is encrypted (created with openssl). When I changed
to the a.une.pem file it all worked. I then created an a.p08 file, pkcs8
with -v2 des3. certtool can view this file, but ldapsearch doesn't ask
for a password to decrypt it and thus fails the ldap connection.
There doesn't seem to be a way to use an encrypted private key with
ldapsearch.
alex
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable'), (100, 'unstable'), (50, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.22-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages ldap-utils depends on:
ii libc6 2.7-6 GNU C Library: Shared libraries
ii libgcrypt11 1.4.0-3 LGPL Crypto library - runtime libr
ii libgnutls26 2.2.1-3 the GNU TLS library - runtime libr
ii libgpg-error0 1.4-2 library for common error values an
ii libldap-2.4-2 2.4.7-5 OpenLDAP libraries
ii libsasl2-2 2.1.22.dfsg1-16 Cyrus SASL - authentication abstra
ii libtasn1-3 1.2-1 Manage ASN.1 structures (runtime)
ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime
Versions of packages ldap-utils recommends:
ii libsasl2-modules 2.1.22.dfsg1-16 Cyrus SASL - pluggable authenticat
-- no debconf information
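
Added example, not part of the original report and not OpenLDAP or Debian code: a check that reads the active TLS_KEY entries from an .ldaprc, reports whether each key file is passphrase-encrypted (the case the report says ldapsearch fails on), and flags an unencrypted key that other users can read. The helper names classify_key, tls_key_paths and audit are hypothetical, the sample key bodies are constructed placeholders, and the key files are assumed to be PEM-encoded.

```python
import os
import re
import stat

PEM_BEGIN = re.compile(r"-----BEGIN ([A-Z0-9 ]*PRIVATE KEY)-----")

# Constructed samples (placeholder bodies, not real keys), named after the files in the report.
SAMPLES = {
    "a.pem": "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
             "DEK-Info: DES-EDE3-CBC,0011223344556677\n\nAAAA\n",
    "a.une.pem": "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n",
    "a.p08": "-----BEGIN ENCRYPTED PRIVATE KEY-----\nAAAA\n",
}

def classify_key(pem_text):
    """Return 'encrypted-pkcs8', 'encrypted-traditional', 'unencrypted' or 'unknown'."""
    m = PEM_BEGIN.search(pem_text)
    if not m:
        return "unknown"  # DER or not a private key; this check reads PEM only
    if m.group(1) == "ENCRYPTED PRIVATE KEY":
        return "encrypted-pkcs8"
    # Traditional OpenSSL encryption is flagged by a Proc-Type header after BEGIN.
    if re.search(r"^Proc-Type:\s*4,ENCRYPTED", pem_text[m.end():], re.M):
        return "encrypted-traditional"
    return "unencrypted"

def tls_key_paths(ldaprc_text):
    """Active TLS_KEY values; option names are case-insensitive, '#' starts a comment."""
    paths = []
    for line in ldaprc_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#") and parts[0].upper() == "TLS_KEY":
            paths.append(parts[1].strip().strip('"'))
    return paths

def audit(ldaprc_text):
    """Return (path, state, mode_ok) for each configured key file."""
    report = []
    for path in tls_key_paths(ldaprc_text):
        with open(path, "r", errors="replace") as fh:
            state = classify_key(fh.read())
        mode = stat.S_IMODE(os.stat(path).st_mode)
        # An unencrypted key is protected only by its file permissions.
        report.append((path, state, (mode & 0o077) == 0))
    return report

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, classify_key(text))
```

A mode_ok value of False on an unencrypted key means group or other permission bits are set on the file; restricting it to the owner (chmod 600) is the usual remedy.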