diff --git a/tests/certs/user-cert-no-uid.pem b/tests/certs/user-cert-no-uid.pem
new file mode 100644
index 00000000..87c2d266
--- /dev/null
+++ b/tests/certs/user-cert-no-uid.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDcTCCAimgAwIBAgIEUdgvGDANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJD
+QTAgFw0xMzA2MDYxMjUxMjlaGA85OTk5MTIzMTIzNTk1OVowDzENMAsGA1UEAxME
+dGVzdDCCAVIwDQYJKoZIhvcNAQEBBQADggE/ADCCAToCggExAKtUmPypxhWVnabB
+lISUkXkeeNstSFGZZQECwEBSSV3rcLwm72g5HgSR4tvLb5NARR4ijnFaWIkoeV4a
+MiU+i507NH8Z+NAvN7diMrdTpUMsxV3srPk1+hQrNGbx1qeh0IOaVvQZg7y/EXQw
+LagoW6KresbNnFz4UempDEjbcbuxNHf37t5deMBICjcNZR47KxQDiXLyUu1fAMUG
+YOqAINBD7Ga80ibb8Ck+avliIL5YJkS614xvdqYFIOSYt8Ryel3fTw0j7C6cceww
++RRfyHULq2f2fftNdmRKpdX6tAhQnRPHj8J5sLQ+L4nTMydNn4vTYCQHq7JyPSml
+xErsPATSST4mG+x6ED3KRVqAi00qlmNPLWMoDztHR8p8LBVBMtXgyb6lVSyza0Yq
+VrEb7SkCAwEAAaN1MHMwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcD
+AjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0OBBYEFIsBCUs7kezjIbkd7I1rTF2eQIBe
+MB8GA1UdIwQYMBaAFEgjNFMKiTE4SlrqyrbSpt7OHSsYMA0GCSqGSIb3DQEBCwUA
+A4IBMQBlpDoz9srC2Z3u8womPq3/fUh6p26B//LiB9gWdQLsQBJcexa2rcKorrVC
+q1w4QM2F639RweG96HXr/pflRBtrLoxNIc7i4NB5Plq8xs3L1quywKdQhaJaHU8g
+8FBXRW7g9RL1PqPmffK2g25nPAbWUs0zHviSVKH1e/ZKewzGhNnoCliCnUuRm2Gp
+Ox+kAvC1bvj4Lx/QpQG/BR+Ual3X3nA3sTiRncfe10bSw4tTbD1XNSDHnrZBYT1X
+AxhrfNWm/niI42d0V056ZyBbrQby6PBSnp8PyvtMXTqzkqw8At7cxkElbMesvNHu
+3h6Hh6v7BCVj0kvu5NTfFtLJsVFANRGF7R2fLkIKDaUbkN50stiNZj41OTHp2db7
+qeN5jJm6zTU6t/uhBAKpgYmweuFo
+-----END CERTIFICATE-----
diff --git a/tests/certs/user-cert-no-uid.tmpl b/tests/certs/user-cert-no-uid.tmpl
new file mode 100644
index 00000000..ff9aa139
--- /dev/null
+++ b/tests/certs/user-cert-no-uid.tmpl
@@ -0,0 +1,7 @@
+dn = "cn=test"
+tls_www_client
+signing_key
+encryption_key
+expiration_days = -1
+activation_date = "2013-06-06 14:51:29"
+serial = 0x51d82f18
diff --git a/tests/certs/user-cert-uid-other.pem b/tests/certs/user-cert-uid-other.pem
new file mode 100644
index 00000000..1ff60afe
--- /dev/null
+++ b/tests/certs/user-cert-uid-other.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDjjCCAkagAwIBAgIEUdgvFzANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDEwJD
+QTAgFw0xMzA2MDYxMjUxMjlaGA85OTk5MTIzMTIzNTk1OVowLDEPMA0GA1UEAxMG
+QSB1c2VyMRkwFwYKCZImiZPyLGQBARMJb3RoZXJ1c2VyMIIBUjANBgkqhkiG9w0B
+AQEFAAOCAT8AMIIBOgKCATEAq1SY/KnGFZWdpsGUhJSReR542y1IUZllAQLAQFJJ
+XetwvCbvaDkeBJHi28tvk0BFHiKOcVpYiSh5XhoyJT6LnTs0fxn40C83t2Iyt1Ol
+QyzFXeys+TX6FCs0ZvHWp6HQg5pW9BmDvL8RdDAtqChboqt6xs2cXPhR6akMSNtx
+u7E0d/fu3l14wEgKNw1lHjsrFAOJcvJS7V8AxQZg6oAg0EPsZrzSJtvwKT5q+WIg
+vlgmRLrXjG92pgUg5Ji3xHJ6Xd9PDSPsLpxx7DD5FF/IdQurZ/Z9+012ZEql1fq0
+CFCdE8ePwnmwtD4vidMzJ02fi9NgJAersnI9KaXESuw8BNJJPiYb7HoQPcpFWoCL
+TSqWY08tYygPO0dHynwsFUEy1eDJvqVVLLNrRipWsRvtKQIDAQABo3UwczAMBgNV
+HRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDAd
+BgNVHQ4EFgQUiwEJSzuR7OMhuR3sjWtMXZ5AgF4wHwYDVR0jBBgwFoAUSCM0UwqJ
+MThKWurKttKm3s4dKxgwDQYJKoZIhvcNAQELBQADggExAI+zxEuTdWooR3HdFgQQ
+UbC4ei/Jh8T8Pa6kcuHRPsr6Z+zMJpTEiNW/X5tOfaRIkykn9mXtHvy7s77lfQqC
+BaM2TxnNwARlm3amVHo/cZBlaact+Z7gSbcPYk9ZbjOc6MEa4WG/iwpF3kTehCX8
+hAXI7rrSz0xDmKPoqdnBXg9v3uim2fM7Mzrf18Y7iwlv+fUjK7hLDChS8IeIq/sw
+SlGr2LkJ5bwvS3Ti4Nrpi9VhscQhhFmChBld8MkBB0C/Y0XSZEEyG0lAol+OZiSl
+8vutB/JfDN2dAIjDYA/1YSQCvEnzbRHahgBK8QAfP9NK3TF/sCjwN8USZG+zJgGf
+sg5vpm8kY9NdLqSfPUmIk8ZWYh1fWfVsQTH+Z1VGYKurwhgUdgd2/Hf4zHUpIpV1
+3bQ=
+-----END CERTIFICATE-----
diff --git a/tests/certs/user-cert-uid-other.tmpl b/tests/certs/user-cert-uid-other.tmpl
new file mode 100644
index 00000000..08abf1b3
--- /dev/null
+++ b/tests/certs/user-cert-uid-other.tmpl
@@ -0,0 +1,7 @@
+dn = "uid=otheruser,cn=A user"
+tls_www_client
+signing_key
+encryption_key
+expiration_days = -1
+activation_date = "2013-06-06 14:51:29"
+serial = 0x51d82f17
diff --git a/tests/test-pass-cert b/tests/test-pass-cert
index 8d284b84..8dd63bcb 100755
--- a/tests/test-pass-cert
+++ b/tests/test-pass-cert
@@ -51,10 +51,17 @@ echo -n "Connecting to obtain cookie (with incorrect certificate)... "
 echo ok
+echo -n "Connecting to obtain cookie (with certificate with different UID OID)... "
+( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT --sslkey ${srcdir}/certs/user-key.pem -c ${srcdir}/certs/user-cert-uid-other.pem -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= --cookieonly >/dev/null 2>&1 ) &&
+ fail $PID "Should not have connected with certificate for a different user!"
-#echo "Normal connection... "
-#( echo "test" | $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= --script=/bin/true ) ||
-# fail $PID "Could not connect to server"
+echo ok
+
+echo -n "Connecting to obtain cookie (with certificate without UID OID)... "
+( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT --sslkey ${srcdir}/certs/user-key.pem -c ${srcdir}/certs/user-cert-no-uid.pem -u test --servercert=pin-sha256:xp3scfzy3rOQsv9NcOve/8YVVv+pHr4qNCXEXrNl5s8= --cookieonly >/dev/null 2>&1 ) &&
+ fail $PID "Should not have connected with certificate lacking UID OID!"
+
+echo ok
 cleanup
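Review bot: Both new negative checks (`( ... --cookieonly >/dev/null 2>&1 ) && fail $PID ...`) pass on any non-zero exit from `$OPENCONNECT`, so with output discarded a missing fixture, an unreadable key or an unreachable server is indistinguishable from the intended rejection of the certificate identity. A guard before each call, for example `test -r "${srcdir}/certs/user-cert-uid-other.pem" || fail $PID "missing test certificate"`, would rule out the fixture case. A successful run with the same `--sslkey`/`-c` options and a certificate whose UID matches `-u test` would show the rejection is caused by the identity mismatch; whether such a positive case exists earlier in the script is not visible from this hunk. The second case deserves a comment such as `# cert has CN=test but no UID: must be rejected even though the CN equals the username`, since `user-cert-no-uid.tmpl` sets `dn = "cn=test"` and the case apparently guards against a fallback to the CN. `${srcdir}` is unquoted in both commands and would word-split on a source path containing spaces.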