Michael Ströder wrote:
Generally using TLS client certs in a secure way is not well supported in most clients. Or does libldap today support asking for a client key passphrase?
As already stated, OpenLDAP has nothing to do with any of the key material. The OpenSSL library already prompts for key passphrase when needed, we have nothing to do with that.