Hi all, I am trying to research how it might be possible to do a directory search for an exact match on a digital certificate storing in userCertificate. Most specifically, I want to do a simple lookup based on a binary match of the cert, its not enough to do the combination of DN and serial number. Does anyone know whether a simple search will work with 389ds or if there are any gotchas to look out for? Some googling would suggest that openldap can’t do it, I was wondering if 389ds had the same problem. Regards, Graham —