a while ago the debian team moved from linking libraries against the
openssl libriaries to using the gnutls libraries. The problem with this
is the the gnutls libraries don't handle encrypted private keys. I have
setup my ldapsearch (and other ldap-utils utilities) to use encrypted
x509 private keys, why use them if you are just going to leave the lying
around the place and not password protected.
This hasn't been a majour problem as yet, but now the new package's
being linked against perl 5.10 and this in turn has indirect dependencies
to gnutls I am unable to do any more upgrades, in particular the recent
libsnmp security I am unable to install becuase of the linkage to perl
I have raised a bug report against ldap-utils but, not enough
resources/time to look at this.
How are other people handling their private x509 keys ?
I am guessing now that my only option is to get ldap-utils and
statically compile it against the openssl libraries
"God loves you, and I love you. And you can count on both of us as a powerful message that people who wonder about their future can hear."