The global addressbook in Apple Mail provided by Exchange already contains all TU Dresden certificates. Please configure the LDAP directory only to find certificates of other universities and institutions in the DFN.
The following describes the configuration of Apple Mail for the integration of the DFN PKI LDAP directory service.
Apple Mail stores all certificates in the central "Keychain Management" of macOS. So far Apple Mail cannot automatically access the certificates from the LDAP directory. Therefore, have your email partner send you a signed email. The certificate is then automatically saved in the keychain management. However, you can use the DFN PKI LDAP as an address book.
Name: DFN PKI LDAP
Search range: o=DFN-Verein, c=DE
Range: Subtree
Server: ldap.pca.dfn.de
Port: 636
Use SSL
Identification: None