$ openssl s_client --connect ldap.anarcha.pink:636
CONNECTED(00000003)                                       
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1                    
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1                       
depth=0 CN = ldap.anarcha.pink
verify return:1                                        
---             
Certificate chain
 0 s:/CN=ldap.anarcha.pink                         
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---            
Server certificate
-----BEGIN CERTIFICATE-----
[...]
Certificat de ldap.anarcha.pink
[...]
-----END CERTIFICATE-----
subject=/CN=ldap.anarcha.pink
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3239 bytes and written 302 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 97D588825098C4361F4046846C5F7819F18656403B9EDB525F279CCB876AB426
    Session-ID-ctx:
    Master-Key: 126ADE5FB2B02BF693212955F4DD151C8105A48FD9D1BECC886E63AB81065D6B9E0EB814C057DA6FF59FFF4800BA3E85
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1530115216
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---