mi fichero ldap.conf , parte, es el siguiente:
# Enable Start TLS
TLSEnable yes
# TLSEnable no
# Follow LDAP Referrals (anonymously)
FollowReferrals yes
# TLS CA Certificate File
#TLSCACertFile /usr/local/etc/ssl/ca.pem
TLSCACertFile /var/lib/zentyal/CA/certs/07CE9398A73E3B8D.pem
# TLS CA Certificate Directory
TLSCACertDir /var/lib/zentyal/CA/certs/
# Client Certificate and key
# If TLS client authentication is required
TLSKeyFile /var/lib/zentyal/CA/keys/JuanAntonioRodriguezGST.pem
TLSCertFile /var/lib/zentyal/CA/keys/07CE9398A73E3B8E.pem
no sé muy bien si eso está bien puesto......