I have
not been able to figure out how to dump more info on the encryption
levels, certificate CN & expiration date etc. Should this be done
through the openssl functions? If so, what do I hook them to?
Have you try with
"slapd -d trace" option ?
you can get more description of each debugging level from "man
slapd.conf"