We are using our own CA sign certificate for TLSCertificateFile and TLSCertificateKeyFile.
We store the CA certificates at our location /tmp/ldap/ca.pem --> Signer CA Certificate
below is our configuration in slapd.conf :
# Enable only >= TLSv1.2 TLSProtocolMin 3.3 TLSCertificateFile /tmp/ldap/consumer_hostname.crt TLSCertificateKeyFile /tmp/ldap/consumer_hostname.key
Note : We are using RHEL 9. TLSCipherSuite ECDHE-RSA-AES256-SHA