https://bugs.openldap.org/show_bug.cgi?id=9757
Issue ID: 9757 Summary: The private key of the ldap certificate Product: OpenLDAP Version: 2.4.59 Hardware: All OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs@openldap.org Reporter: ydgdsnn@163.com Target Milestone: ---
Created attachment 856 --> https://bugs.openldap.org/attachment.cgi?id=856&action=edit prikey.key
Current situation: The private key of the ldap certificate is used to set LDAP_OPT_X_TLS_KEYFILE when bind, and this file is currently stored in plain text.
Appeal: Can we store the ciphertext of the file, and then decrypt it when we use it?
https://bugs.openldap.org/show_bug.cgi?id=9757
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Keywords|needs_review | Resolution|--- |DUPLICATE
--- Comment #1 from Quanah Gibson-Mount quanah@openldap.org --- OpenSSL should generate a prompt when a passphrase protected key is provided to the ldap client already.
*** This issue has been marked as a duplicate of issue 8485 ***
https://bugs.openldap.org/show_bug.cgi?id=9757
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org