Configuring TLS

Howdy.

We run an OpenLDAP environment that I'm attempting to lock down.

Right now all LDAP communication takes place in cleartext-- obviously this isn't optimal. I'm attempting to configure TLS, and hitting a few snags.

On the server I've generated a PEM that includes both the key and the certificate. I've also broken them down into component files. Given that this isn't a signed certificate, what are the options I need in slapd.conf?

If anyone can shed some light, or point me towards a tutorial, I'd be most grateful.

Regards, Jay Chandler