From 960870bcd152ebf1784cd3be765306b3fccb5ac5 Mon Sep 17 00:00:00 2001 From: Marisa Date: Wed, 12 Nov 2025 11:05:42 -0500 Subject: [PATCH] Update INSTALL.md --- INSTALL.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/INSTALL.md b/INSTALL.md index 2ddd531..6ad0ea5 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -341,6 +341,16 @@ root@example:/etc/ldap/certs# ldapwhoami -x -H ldaps://example.com ``` Both should return Anonymous. +Another example to try STARTTLS/ldap it is working: +``` +openssl s_client -connect 127.0.0.1:389 -starttls ldap -servername example.com -quiet +``` +SSL/ldaps +``` +openssl s_client -connect example.com:636 -servername example.com -quiet +``` +Both will show the connection to the openLDAP server showing the CN(dc=example,dc=com) + To connect to the server via `STARTTLS`, use port 389, to connect to the server via `SSL`, use port 636, both auth method Simple. If asked, accept the certificate as with any certificate, or copy the CA file that resides inside ldapdock from out of the container to our host system certificate trust directory (/usr/local/share/ca-certificates/ works for any Debian based distribution): ```
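Review bot: In the added closing sentence ("Both will show the connection to the openLDAP server showing the CN(dc=example,dc=com)"), `dc=example,dc=com` is labelled as a CN although it has the form of a directory suffix. Say which certificate subject the reader should expect in the output, so there is something concrete to compare against. The two added `openssl s_client` commands also only show that a handshake completes: `s_client` continues past a certificate verification failure by default, and `-quiet` suppresses the session and certificate summary, so an untrusted certificate is easy to miss. Consider adding `-verify_return_error` and `-CAfile <path to the CA file>`, pointing at the CA file mentioned in the following paragraph, so the check fails when the chain does not validate. The STARTTLS example connects to `127.0.0.1` while the ldaps example connects to `example.com`; use the same host in both, or state why they differ. The lead-in "Another example to try STARTTLS/ldap it is working:" needs rewording, for instance "To check that STARTTLS on port 389 is working:", and the bare "SSL/ldaps" line should be a full sentence in the same form. The subject line "Update INSTALL.md" could name what is being added.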