Wednesday, May 11, 2011

retrieve X.509 certificate from LDAP

Note-to-self:
on the console, retrieve an X.509 certificate (for S/MIME signing and encrypting e-mail) from an LDAP directory:

$> ldapsearch -T /tmp/ -v -x -h your.ldap-server.com -t -b o=DFN-Verein,c=DE -LLL "(cn=Senat*)"

If successful, this command will store the binary cert in the specified directory (here: /tmp) under a somewhat cryptic filename (e.g. ldapsearch-cACertificate;binary-KxwX3w).
You will need to adjust these two options for your environment:
-h your.ldap-server.com
-b searchbase
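
To get from the cryptic temp file to something a mail client can import, the following added example (not part of the original note) reads the LDIF that ldapsearch prints with -t -LLL, follows each "attribute:< file://..." reference, and writes the DER file out as PEM together with its SHA-256 fingerprint. The function names, the sample DN and the placeholder DER bytes are constructed for illustration; the example assumes the LDIF was saved as text and that long lines may be folded with a leading space.

```python
import base64, hashlib, ssl, tempfile
from pathlib import Path
from urllib.parse import urlsplit

def unfold(ldif):
    """Join LDIF continuation lines (a line starting with one space)."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def cert_files(ldif):
    """Yield (dn, path) for each certificate attribute that -t wrote to a temp file."""
    dn = None
    for line in unfold(ldif):
        if line.startswith("dn:: "):        # base64-encoded DN (non-ASCII characters)
            dn = base64.b64decode(line[5:]).decode("utf-8")
        elif line.startswith("dn: "):
            dn = line[4:]
        elif ":< file://" in line:
            attr, url = line.split(":< ", 1)
            if "certificate" in attr.lower():   # userCertificate, cACertificate, ...
                yield dn, Path(urlsplit(url).path)  # urlsplit keeps ';binary' in the path

def export_pem(ldif, outdir):
    """Convert each referenced DER file to PEM; return [(dn, pem_path, sha256_hex)]."""
    results = []
    for n, (dn, path) in enumerate(cert_files(ldif)):
        der = path.read_bytes()
        if der[:1] != b"\x30":              # a DER certificate starts with a SEQUENCE tag
            raise ValueError(f"{path} does not look like DER")
        pem_path = Path(outdir) / f"cert-{n}.pem"
        pem_path.write_text(ssl.DER_cert_to_PEM_cert(der))
        results.append((dn, pem_path, hashlib.sha256(der).hexdigest()))
    return results

def demo():
    """Constructed sample: placeholder DER bytes (not a real certificate) and folded LDIF."""
    tmp = Path(tempfile.mkdtemp())
    der_file = tmp / "ldapsearch-cACertificate;binary-KxwX3w"
    der_file.write_bytes(b"\x30\x03\x02\x01\x01")
    ref = f"cACertificate;binary:< file://{der_file}"
    ldif = "dn: cn=Senat Example CA,o=DFN-Verein,c=DE\n" + ref[:40] + "\n " + ref[40:] + "\n"
    return export_pem(ldif, tmp)

if __name__ == "__main__":
    print(demo())
```

The fingerprint is worth comparing with one obtained from the certificate's owner or CA through a separate channel, since the ldapsearch call above uses a simple bind (-x) with no TLS option.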