diff --git a/src/Stunnel.hs b/src/Stunnel.hs
--- a/src/Stunnel.hs
+++ b/src/Stunnel.hs
@@ -16,10 +16,6 @@
 
 import Data.Char (isDigit)
 
-import Data.Certificate.PEM
-import Data.Certificate.X509
-import qualified Data.Certificate.KeyRSA as KeyRSA
-
 import qualified Crypto.Random.AESCtr as RNG
 import Network.TLS
 import Network.TLS.Extra
@@ -103,27 +99,6 @@
 	ctx <- server serverState' rng handle
 	tlsserver ctx dsthandle
 
-readCertificate :: FilePath -> IO X509
-readCertificate filepath = do
-	content <- B.readFile filepath
-	let certdata = case parsePEMCert content of
-		Nothing -> error ("no valid certificate section")
-		Just x  -> x
-	let cert = case decodeCertificate $ L.fromChunks [certdata] of
-		Left err -> error ("cannot decode certificate: " ++ err)
-		Right x  -> x
-	return cert
-
-readPrivateKey :: FilePath -> IO PrivateKey
-readPrivateKey filepath = do
-	content <- B.readFile filepath
-	let pkdata = case parsePEMKeyRSA content of
-		Nothing -> error ("no valid RSA key section")
-		Just x  -> L.fromChunks [x]
-	case KeyRSA.decodePrivate pkdata of
-		Left err     -> error ("cannot decode key: " ++ err)
-		Right (_,pk) -> return $ PrivRSA pk
-
 data Stunnel =
 	  Client
 		{ destinationType :: String
@@ -254,8 +229,8 @@
 
 doServer :: Stunnel -> IO ()
 doServer pargs = do
-	cert    <- readCertificate $ certificate pargs
-	pk      <- readPrivateKey $ key pargs
+	cert    <- fileReadCertificate $ certificate pargs
+	pk      <- fileReadPrivateKey $ key pargs
 	srcaddr <- getAddressDescription (sourceType pargs) (source pargs)
 	dstaddr <- getAddressDescription (destinationType pargs) (destination pargs)
 
diff --git a/tls-debug.cabal b/tls-debug.cabal
--- a/tls-debug.cabal
+++ b/tls-debug.cabal
@@ -1,5 +1,5 @@
 Name:                tls-debug
-Version:             0.1.0
+Version:             0.1.1
 Description:
    A set of program to test and debug various aspect of the TLS package.
    .
@@ -24,8 +24,8 @@
                    , cmdargs
                    , certificate >= 1.0
                    , cprng-aes >= 0.2.3
-                   , tls >= 0.9.0 && < 1.0
-                   , tls-extra >= 0.4.3 && < 0.5.0
+                   , tls >= 0.9.4 && < 1.0
+                   , tls-extra >= 0.4.6 && < 0.5.0
   Buildable:         True
   ghc-options:       -Wall -fno-warn-missing-signatures
 
@@ -37,8 +37,8 @@
                    , bytestring
                    , cprng-aes
                    , certificate >= 1.0
-                   , tls >= 0.9.0 && < 1.0
-                   , tls-extra >= 0.4.3 && < 0.5.0
+                   , tls >= 0.9.4 && < 1.0
+                   , tls-extra >= 0.4.6 && < 0.5.0
   Buildable:         True
   ghc-options:       -Wall -fno-warn-missing-signatures
 
@@ -52,8 +52,8 @@
                    , time
                    , cprng-aes >= 0.2.3
                    , certificate >= 1.0
-                   , tls >= 0.9.0 && < 1.0
-                   , tls-extra >= 0.4.3 && < 0.5.0
+                   , tls >= 0.9.4 && < 1.0
+                   , tls-extra >= 0.4.6 && < 0.5.0
   Buildable:         True
   ghc-options:       -Wall -fno-warn-missing-signatures
 
@@ -66,8 +66,8 @@
                    , cmdargs
                    , cprng-aes >= 0.2.3
                    , certificate >= 1.0
-                   , tls >= 0.9.0 && < 1.0
-                   , tls-extra >= 0.4.3 && < 0.5.0
+                   , tls >= 0.9.4 && < 1.0
+                   , tls-extra >= 0.4.6 && < 0.5.0
   Buildable:         True
   ghc-options:       -Wall -fno-warn-missing-signatures
 
