Netscape communicator can't find cert for a given email address

[John Zhou <JZhou@TriStrata.com>]

Netscape Communicator does not load base64-encoded certs. See the
mailing-list archive for recent discussions about this topic and the
differences when using OpenLDAP 1.2.x or 2.0.x.

> I converted the format to binary and send them back to LDAP again

You're on the right track. See the archive.

**********************************************************************
I still cannot figure it out. I added the certs to LDAP server based on
following code:
       
          LDAPMod			**mods;

          mods[1]->mod_op = LDAP_MOD_BVALUES;
	    mods[1]->mod_type = "userCertificate";
		cert_berval.bv_len = cert_len; /*the length of the cert*/
		cert_berval.bv_val = cert; /*the binary certificate*/
          cert_values[0] = &cert_berval;
	    cert_values[1] = NULL;
	    mods[1]->mod_bvalues = cert_values;
          ldap_add( ld, dn, mods );
After running the code, I can see the entry in Netscape address book.
But when I try to retrieve the certs through Netscape Communicator security
dialog, the result is that cannot find the certificate for the given email
address.

I found some message in the mailing_list archive. Someone said it's probably
necessary to add the binary option to the userCertificate attribute. I am
not sure which file I need to modify in LDAP server.
Thanks for your help. -- John