Comment 41 for bug 305264

One workaround is to put all of the CA certs in the trusted CA certificate file.

If the system running slapd is on hardy (or intrepid or jaunty) you should also add all of the CA certificates to the server certificate file - this is to workaround a bug where the slapd daemon doesn't send all of the CA certificates to the client.