On the OES server, run the following command against the LDAP server (for example, 192.168.211.21) to verify that the certificate is using the SHA-2 signature.
openssl s_client -connect 192.168.211.21:636 < /dev/null 2>/dev/null | openssl x509 -text -in /dev/stdin | grep "Signature Algorithm"
If the return value is: Signature Algorithm: sha256WithRSAEncryption, then it is a RSA signature being protected by a SHA256 (SHA-2) accompanying hash function.
Run the following command to verify the certificate file on the file system.
"openssl x509 -in /etc/opt/novell/certs/SSCert.der -inform der -text -noout"