1

Topic: Cannot connect to ldaps

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):
iRedMail Enterprise v1.3.1
- Deployed with iRedMail Easy or the downloadable installer?
iRedMail Enterprise
- Linux/BSD distribution name and version:
Ubuntu 24.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
LDAP
- Web server (Apache or Nginx):
Apache
- Manage mail accounts with iRedAdmin-Pro?
iRedMail Enterprise
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I have been able to integrate some other servers with the LDAP server running on my iRedMail Enterprise server using unencrypted ldap.

I wish to switch to ldaps on an integration, but I keep getting an error, from either the remote or local machine running an ldapsearch.

```
ldapsearch -x -b "dc=mydomain,dc=com" -H ldaps://127.0.0.0 -D "cn=vmail,dc=mydomain,dc=com" -W "(&(objectclass=mailUser)(enabledService=nextcloud))"
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
```

I have a valid certificate in slapd.conf.

I have ldaps:/// in the SLAPD_SERVICES line of /etc/default/slapd.

TCP ports 389 and 636 are open in the machine firewall.

lsof -i:636 shows that slapd is listening to port 636.

Any other troubleshooting steps I might try to get the iRedMail LDAP server to allow connections via ldaps://?


2

Re: Cannot connect to ldaps

Did you try "-H ldaps://127.0.0.0:636"?

3

Re: Cannot connect to ldaps

ZhangHuangbin wrote:

> Did you try "-H ldaps://127.0.0.0:636"?

Just now, I did, with the same error resulting.

4

Re: Cannot connect to ldaps

Did you toggle on the option "Enable LDAP over TLS (port 389) and SSL (636)" in `Server Settings` -> `LDAP Service`?


5

Re: Cannot connect to ldaps

ZhangHuangbin wrote:

> Did you toggle on the option "Enable LDAP over TLS (port 389) and SSL (636)" in `Server Settings` -> `LDAP Service`?

Yes, this was already on.
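
Added example, not part of the thread or of iRedMail: OpenLDAP client tools report "Can't contact LDAP server (-1)" for a refused TCP connection and for a failed TLS handshake alike, so this sketch separates the stages for an ldaps:// endpoint. The function name `diagnose_ldaps` and its parameters are hypothetical; the host, port and CA file are whatever you pass in.

```python
import socket
import ssl
import sys


def diagnose_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Hypothetical helper: return (stage, detail) for the first failing stage.

    stage is 'tcp', 'tls', 'cert' or 'ok'.
    """
    # Stage 1: plain TCP reachability (listener, firewall, address).
    try:
        socket.create_connection((host, port), timeout=timeout).close()
    except OSError as exc:
        return "tcp", str(exc)

    # Stage 2: TLS handshake with verification off, so only the server's
    # TLS configuration (key, certificate file, protocol) is exercised.
    noverify = ssl.create_default_context()
    noverify.check_hostname = False
    noverify.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with noverify.wrap_socket(sock) as tls:
                version = tls.version()
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        return "tls", str(exc)

    # Stage 3: full verification, as a strict client would do it: chain must
    # lead to a trusted CA and the certificate must match the name in the URI.
    verify = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with verify.wrap_socket(sock, server_hostname=host):
                pass
    except ssl.SSLCertVerificationError as exc:
        return "cert", exc.verify_message
    except OSError as exc:
        return "tls", str(exc)
    return "ok", version


if __name__ == "__main__":
    # Usage: python3 diagnose_ldaps.py HOST [CAFILE]
    target = sys.argv[1]
    ca = sys.argv[2] if len(sys.argv) > 2 else None
    print(diagnose_ldaps(target, cafile=ca))
```

A `cert` result with a hostname-mismatch message means the name or address in the `ldaps://` URI is not in the certificate; a `tls` result points at the server-side TLS settings rather than the firewall.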