I’m working on a project where I had to create several LDAPS connection to different domains. To configure these I needed the certificate trust chain on the appliances. And of course I wanted the certificates now and not next week, while waiting for somebody to deliver them to me. So I started to search for an easy way.
With the help of OpenSSL it’s possible to connect and download the certificates. Use the following command:
cmd:> openssl s_client -connect ldapserver.domainexample.name:636
The server certificate code can be copied to a .cer file to be user where ever you need it.