"Alex Samad" <[EMAIL PROTECTED]> writes: > Hi > > I am a debian user and use gnutls library indirectly, previously I used > openssl, but debian has made a move over to gnutls. > > Previously with openssl I had setup ldapsearch to use x509 certs to identify > myself, I encrypted my private certs with a password. Since the move to > gnutls I have been unable to use encrypted private keys. > > I thought maybe it was a config difference between gnutls and openssl, but > with all the reading I have done of certtool documentation I can't find any > place to setup a encrypted private key. > > I have raised a bug report against the maintainers of ldap-utils, this is > the package that has ldapsearch ( and other ldap-commands), but they are a > bit low on resources now. > > So I thought I would come to the list and find out > > 1) is it true that the libraries can't handle encrypted private keys
No. > 2) If not how do you handle encrypted private keys You can load PKCS#8 protected keys using: gnutls_x509_privkey_import_pkcs8. And encrypted keys stored in PKCS#12 using: gnutls_certificate_set_x509_simple_pkcs12_file These are the two standard ways to encrypt private keys that I know of. OpenSSL has a proprietary standard that we don't support. /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
