Hello Apache Directory Studio development team.
we are using Apache Directory Studio here in Version: 2.0.0.v20151221-M10.
When I connect with it to an LDAP directory server with LDAP unencrypted (TCP389) the userCertificate;binary entry can be obtained just fine including its loading into the build-in Certificate Editor.
But connecting to the same LDAP directory encrypted (TCP636), that same userCertificate;binary entry can't be read and Directory Studio is returning "Invalid Certificate" and then "Can't parse certificate".
This is reproducable with Apache Directory Studio on the following environments I have available here to test:
As well with the relevant command line tools like ldapsearch, ldapmodify etc. I am able to obtain or manipulate that entry on LDAP and LDAPS sockets and even with the "ancient" freeware LDAP-Browser 2.8.2 by Jarek Gawor, Copyright (c) 1998 University of Chicago I still have this is possible.
The directory server used here is running on OpenLDAP. But also when obtaining this with LDAPS from a directory server with the same structure running on OpenDJ, the "Invalid Certificate" is thrown.
That said I think this could be a possible bug - also considering that in my understanding obtaining an (attribute) entry or rather (reading and parsing) its content from a directory server, should be independant at all on how I connect to that directory server (LDAP vs. LDAPS) - isn't it?
In case additional details would be needed I will gladly try to provide them. Please let me know.
I also could provide you a PDF-file containing additional screenshots for the above description.
Thank you in advance for your help and looking into it.