Comment 6 for bug 398366

The relevant error message is:

  main: TLS init def ctx failed: -1

That usually means that slapd wasn't able to read the cert, ca cert or private key. Could you make sure that the openldap user has access to the necessary files as well as making sure they're all in /etc/ldap or /etc/ssl/. If not slapd apparmor profile will refuse access to the files.