Created attachment 856 [details] prikey.key Current situation: The private key of the ldap certificate is used to set LDAP_OPT_X_TLS_KEYFILE when bind, and this file is currently stored in plain text. Appeal: Can we store the ciphertext of the file, and then decrypt it when we use it?
OpenSSL should generate a prompt when a passphrase protected key is provided to the ldap client already. *** This issue has been marked as a duplicate of issue 8485 ***