Michael,<br><br>Here is what I got after the openssl s_client -connect &lt;server&gt;:&lt;port&gt; -CAfile /path/to/my/CAcert command:<br><br><br>CONNECTED(00000784)<br>---<br>Certificate chain<br>&nbsp;0 s:<br>&nbsp;&nbsp; i:/DC=srf/CN=AC DN<br>
---<br>Server certificate<br>-----BEGIN CERTIFICATE-----<br>MIIFjjCCBHagAwIBAgIKb11m+wAAAAACNzANBgkqhkiG9w0BAQUFADAzMRMwEQYK<br>CZImiZPyLGQBGRYDc3JmMRwwGgYDVQQDExNSRkIgRW50ZXJwcmlzZSBDQTAyMB4X<br>DTA4MTIwODEzNTUzOVoXDTA5MTIwODEzNTUzOVowADCBnzANBgkqhkiG9w0BAQEF<br>
<br>CERTIFICATE VOIDED FOR SECURITY REASONS<br><br>4cT9LQqwIZImw43pkJOBb4SpAWgtRFp593ydbecZ3Kp8bGq7nLm5fhTazF0tuH7j<br>mXj1Y2rkoucgDBDPTDRfIodpbmwiv85KdxVLjYbMwC6UZkJAnbyyZsJMnEV7gvIU<br>aB8SRTjVy3I2L9qs+PE6VmFEj77s9GJ/uK6sQKe5r9wMhfumB9hhvINdiAZHjDrL<br>
BonD2E6tujKEZFK/Rpy2bB4xACM/Bo2Y9/w8ubsfaREvcA==<br>-----END CERTIFICATE-----<br>subject=<br>issuer=/DC=srf/CN=AC DN<br>---<br>Acceptable client certificate CA names<br>...<br>LIST OF DNs deleted from screen capture for security reasons<br>
...<br>---<br>SSL handshake has read 5964 bytes and written 318 bytes<br>---<br>New, TLSv1/SSLv3, Cipher is RC4-MD5<br>Server public key is 1024 bit<br>Compression: NONE<br>Expansion: NONE<br>SSL-Session:<br>&nbsp;&nbsp;&nbsp; Protocol&nbsp; : TLSv1<br>
&nbsp;&nbsp;&nbsp; Cipher&nbsp;&nbsp;&nbsp; : RC4-MD5<br>&nbsp;&nbsp;&nbsp; Session-ID: 180E00000D77AF6764CDEA8AD607E28BB8EF02028EBFB4F2C2C2CBEA354788FD<br>&nbsp;&nbsp;&nbsp; Session-ID-ctx: <br>&nbsp;&nbsp;&nbsp; Master-Key: 51434AA335DE806D5AC923D057A0A2C865B1D4FDCEB0CF6B3C7B148EA3187E0565B7559B10817BF81A93F79B1E34101E<br>
&nbsp;&nbsp;&nbsp; Key-Arg&nbsp;&nbsp; : None<br>&nbsp;&nbsp;&nbsp; Start Time: 1228851254<br>&nbsp;&nbsp;&nbsp; Timeout&nbsp;&nbsp; : 300 (sec)<br>&nbsp;&nbsp;&nbsp; Verify return code: 0 (ok)<br>---<br><br>From the &quot;subject=&quot; line, one could see that the server certificate is subjectless.<br>
<br>Do you think that&#39;s the reason why I couldnt&#39; connect via python-ldap?<br><br>Thanks,<br><br>Alberto<br><br>