Comment 4 for bug 257153

Do you have all of the necessary CA certificates in /etc/ssl/certs/ca-certificates.crt ?

As noted in the section about TLS in the Openldap Admin guide:

  If the signing CA was not a top-level (root) CA, certificates for the entire sequence of CA's from the signing CA to the top-level CA should be present. Multiple certificates are simply appended to the file; the order is not significant.