hi all! 1. As I understood, openldap (v 2.1.12) when verifying user certificate, checks only CA, signed sertificate, but not the certificate itself and not the user dn in it. Is it true? How can make openldap check the user certificate and user DN? 2. Does openldap works with CRLs? Please help! Best regards Sergios.