Self-signed certs can be made to work, but should not be used. They are a security liability. Please read the admin guide: http://www.openldap.org/doc/admin21/tls.html
-Brad