CA is self-signed generated certificate . by Linux2 it self.


[root@linux2 ~]# certutil -L -d /etc/dirsrv/slapd-linux2 -n "CA"

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1000 (0x3e8)
        Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
        Issuer: "CN=CAcert"
        Validity:
            Not Before: Fri Oct 17 15:11:18 2008
            Not After : Wed Oct 17 15:11:18 2018
        Subject: "CN=CAcert"
        Subject Public Key Info:
            Public Key Algorithm: PKCS #1 RSA Encryption
            RSA Public Key:
                Modulus:
                    c8:40:4b:86:0b:70:3d:5d:6a:f6:f4:a5:86:e9:1c:98:
                    d0:dd:19:31:e3:b8:18:3b:0a:c8:9f:83:33:98:cd:98:
                    54:83:9d:73:97:69:04:26:b8:75:4a:95:7e:ed:92:62:
                    51:2c:70:8a:a6:f2:a6:8b:b5:c6:53:d3:f8:cc:01:c9:
                    e8:78:55:1f:69:e3:c4:5c:5e:e8:a6:bf:dc:53:ac:a6:
                    ce:75:14:98:2f:a7:c0:da:ae:be:5d:91:e6:f2:96:84:
                    02:a0:ec:df:e4:de:91:25:2d:65:d8:bd:79:3d:07:ea:
                    8c:9f:9e:5b:ee:04:a3:18:2e:98:c6:ab:15:a1:d5:d9
                Exponent: 65537 (0x10001)
    Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
    Signature:
        55:bd:f2:f7:37:e5:60:e0:87:20:a7:d7:69:b2:eb:79:
        e6:98:7e:72:f1:b1:dc:11:08:94:fd:c3:56:a8:14:37:
        2b:1b:cd:bc:05:3d:54:45:73:7f:b2:dc:f8:f1:f4:44:
        61:25:54:c6:e2:c2:68:1f:d7:cc:d3:37:16:37:98:b8:
        37:c3:7e:49:48:12:58:17:26:fe:87:bc:d4:ef:ee:6b:
        5d:35:1f:1f:72:a5:5e:6b:b7:94:e6:c3:63:7c:2a:24:
        4c:43:39:cd:74:7b:56:08:15:f9:85:3f:ed:c9:ba:01:
        88:d0:90:84:1d:e6:0e:84:7f:83:8e:bf:9e:9a:b2:a3
    Fingerprint (MD5):
        2C:77:B6:61:BA:3D:F0:E2:8E:EB:BA:4D:74:A4:E4:0C
    Fingerprint (SHA1):
        06:FE:B9:62:26:E7:56:1E:2B:84:C0:5E:AC:DC:F7:1A:AE:A8:58:0E

    Certificate Trust Flags:
        SSL Flags:
            Valid CA
            Trusted CA
            User
            Trusted Client CA
        Email Flags:
            User
        Object Signing Flags:
            User

[root@linux2 ~]# certutil -L -d /etc/dirsrv/slapd-linux2 -n "linux2"

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:fc:4e:02:00:00:00:00:00:16
        Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
        Issuer: "CN=labdc01,DC=tf-lab,DC=test2,DC=com"
        Validity:
            Not Before: Fri Oct 17 23:35:13 2008
            Not After : Sun Oct 17 23:35:13 2010
        Subject: "CN=linux2,OU=Ops,O=Exponential,L=Emeryville,ST=California,C
            =US"
        Subject Public Key Info:
            Public Key Algorithm: PKCS #1 RSA Encryption
            RSA Public Key:
                Modulus:
                    da:db:9b:d8:c2:aa:42:4e:85:69:b2:0a:19:46:87:2d:
                    67:e6:4b:9b:4d:97:96:6a:e3:bf:90:c2:ab:a7:0d:17:
                    --removed-some-part---
                    24:72:dc:18:5c:7e:1a:16:b3:bd:38:1b:0a:0f:a6:48:
                    ae:4e:ef:5a:eb:cd:12:6f:5e:16:8f:6c:ce:ff:fa:71
                Exponent: 65537 (0x10001)
        Signed Extensions:
            Name: Certificate Subject Key ID
            Data:
                75:e0:f9:0d:9f:77:24:61:38:87:17:87:43:ee:25:5d:
                c0:b2:4f:d3

            Name: Certificate Authority Key Identifier
            Key ID:
                83:c2:a6:03:eb:b2:a8:ea:40:d0:63:42:01:68:8f:a8:
                11:9e:ec:f9

            Name: CRL Distribution Points
            URI: "ldap:///CN=labdc01,CN=labdc01,CN=CDP,CN=Public%20Key%20Serv
                ices,CN=Services,CN=Configuration,DC=tf-lab,DC=test2,D
                C=com?certificateRevocationList?base?objectClass=cRLDistribut
                ionPoint"
            URI: "http://labdc01.tf-lab.test2.com/CertEnroll/labdc01.c
                rl"

            Name: Authority Information Access
            Method: PKIX CA issuers access method
            Location:
                URI: "ldap:///CN=labdc01,CN=AIA,CN=Public%20Key%20Services,CN
                    =Services,CN=Configuration,DC=tf-lab,DC=test2,DC=c
                    om?cACertificate?base?objectClass=certificationAuthority"
            Method: PKIX CA issuers access method
            Location:
                URI: "http://labdc01.tf-lab.test2.com/CertEnroll/labdc
                    01.tf-lab.test2.com_labdc01.crt"

            Name: Microsoft Enrollment Cert Type Extension
            Data: "WebServer"

            Name: Certificate Basic Constraints
            Critical: True
            Data: Is not a CA.

            Name: Certificate Key Usage
            Usages: Digital Signature
                    Key Encipherment

            Name: Extended Key Usage
                TLS Web Server Authentication Certificate

    Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
    Signature:
        0b:f7:2f:25:e5:99:aa:27:59:5d:76:96:5a:64:0b:a7:
        91:7d:48:49:fd:a8:46:db:cc:39:7b:97:34:94:3c:0c:
        7c:fe:4d:f7:99:5e:da:a6:7d:53:5c:36:ba:ed:a7:05:
        60:04:2a:76:6e:02:75:a0:1c:59:bd:ad:82:db:fc:61:
        --removed some--part--
        6d:11:23:4c:77:60:18:ec:fd:47:63:72:d3:00:ee:04:
        c2:01:3a:d8:dc:f1:4b:55:c5:7a:39:09:83:9b:09:bd:
        65:64:4c:6f:8d:19:86:94:95:76:1b:07:08:ad:03:70
    Fingerprint (MD5):
        BD:3D:31:6C:27:A8:82:1A:11:81:5B:F6:56:D7:FA:E3
    Fingerprint (SHA1):
        89:45:EE:8E:7D:B7:01:EB:72:80:F2:86:91:B8:02:D4:60:3A:19:FA

    Certificate Trust Flags:
        SSL Flags:
            Valid CA
            Trusted CA
            User
            Trusted Client CA
        Email Flags:
            User
        Object Signing Flags:
            User



| /usr/lib/mozldap/ldapsearch -h windowshost -p 636 -Z -P /etc/dirsrv/slapd-linux2 -3 -s base -b "" "objectclass=*"

When i do this i am getting cordump ... :((