Do you have all of the necessary CA certificates in /etc/ssl/certs/ca-certificates.crt ?
As noted in the section about TLS in the Openldap Admin guide:
If the signing CA was not a top-level (root) CA, certificates for the entire sequence of CA's from the signing CA to the top-level CA should be present. Multiple certificates are simply appended to the file; the order is not significant.
Do you have all of the necessary CA certificates in /etc/ssl/ certs/ca- certificates. crt ?
As noted in the section about TLS in the Openldap Admin guide:
If the signing CA was not a top-level (root) CA, certificates for the entire sequence of CA's from the signing CA to the top-level CA should be present. Multiple certificates are simply appended to the file; the order is not significant.