You leave out key information -- What version of OpenLDAP are you using? What underlying SSL software are you using? What version of that software? Is your distro Debian?
Its a platform-independent question. There aren't any vendor-local patches that would effect it -- and major OpenSSL development stopped a while back.
I'm going to test it tonight w/ & w/o extensions. ~BAS
