Package: ldap-utils Version: 2.4.7-5 Severity: important i recently moved from 2.3.x to 2.4 with the associated changes in ssll libraries.
when i went to use ldapsearch with this .ldaprc uri ldaps://ldap.hme1.samad.com.au BINDDN "uid=alex,ou=People,dc=samad,dc=com,dc=au" TLS_CERT /home/alex/.ssl/a.crt TLS_KEY /home/alex/.ssl/a.pem #TLS_KEY /home/alex/.ssl/a.une.pem #TLS_KEY /home/alex/.ssl/a.p08 # SASL_MECH external it fails, after doing a strace on ldapsearch it is reading the private key file, but my pem is encrypted (created with openssl). When I chaneged to the a.une.pem file it all worked. I then created a a.p08 file pkcs8 with -v2 des3. certtool can view this file, but ldapsearch doesn't aske for a password to decrypt it and thus fails the ldap connection. There doesn't seem to be a way to use an encrypted private key with ldapsearch alex -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (500, 'stable'), (100, 'unstable'), (50, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages ldap-utils depends on: ii libc6 2.7-6 GNU C Library: Shared libraries ii libgcrypt11 1.4.0-3 LGPL Crypto library - runtime libr ii libgnutls26 2.2.1-3 the GNU TLS library - runtime libr ii libgpg-error0 1.4-2 library for common error values an ii libldap-2.4-2 2.4.7-5 OpenLDAP libraries ii libsasl2-2 2.1.22.dfsg1-16 Cyrus SASL - authentication abstra ii libtasn1-3 1.2-1 Manage ASN.1 structures (runtime) ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime Versions of packages ldap-utils recommends: ii libsasl2-modules 2.1.22.dfsg1-16 Cyrus SASL - pluggable authenticat -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
