I see now. Thank you for explaining.

-Mike

> From: daff@pseudoterminal.org
> To: openldap-technical@openldap.org
> Subject: Re: Strange behavior with TLS with self-signed certs
> Date: Fri, 7 Jan 2011 19:45:46 +0100
>
> On Friday 07 January 2011 04:18:40 Michael Starling wrote:
> > #TLS settings
> > ssl start_tls
> > ssl on
>
> That should be either "ssl start_tls" OR "ssl on", not both. If you
> specify "ssl start_tls" then you should use the ldap:// URL schema, if
> you specify "ssl on" then you should use ldaps://.
>
> Andreas