Hi
I am running OpenLDAP 2.4.23 on RHEL6. I can telnet to the server on
both the 389 and 636 ports.
I can do an ldapsearch and ldapadd without any errors. I get this
error when I start the slapd daemon:

ldap_start_tls_s() failed: Can't contact LDAP server: Transport endpoint is not connected (uri="ldap://ldapserver")
failed to bind to LDAP server ldap://ldapserver: Can't contact LDAP server: Transport endpoint is not connected

When I do an ldapsearch -x -d1 -Z -b 'dc=flamengro,dc=co,dc=za'
I get the following error:

TLS: certificate [CA certificate details omitted here...] is not valid - error -8172:Peer's certificate issuer has been marked as not trusted by the user..
TLS: error: connect - force handshake failure: errno 0 - moznss error -8172
TLS: can't connect: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user..
ldap_err2string
ldap_start_tls: Connect error (-11)
        additional info: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user

Any help will be appreciated.
This is my slapd.conf file:

include /etc/openldap/schema/corba.schema
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/duaconf.schema
include /etc/openldap/schema/dyngroup.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/java.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/openldap.schema
include /etc/openldap/schema/ppolicy.schema
include /etc/openldap/schema/collective.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.args
TLSCipherSuite HIGH
TLSCertificateFile /etc/pki/tls/certs/slapdcert.pem
TLSCertificateKeyFile /etc/pki/tls/certs/slapdkey.pem
TLSVerifyClient never
database bdb
suffix "dc=flamengro,dc=co,dc=za"
checkpoint 1024 15
rootdn "cn=Manager,dc=flamengro,dc=co,dc=za"
rootpw secret
directory /var/lib/ldap/flamengro
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
database monitor
# allow only rootdn to read the monitor
access to *
    by dn.exact="cn=Manager,dc=flamengro,dc=co,dc=za" read
    by * none
access to attrs=userPassword,shadowLastChange
    by anonymous auth
    by self write
    by * none
I