OpenLDAP 2.4.23 - Syncrepl - TLS Trouble
Dear OpenLDAP experts,
I'm about to set up an OpenLDAP server with the following features:
- TLS/SSL with self-signed certificates
- TLS-encrypted N-way replication (Syncrepl)
My environment:
- 2 x RHEL 6.0
- OpenLDAP 2.4.23
I try to sync both databases: cn=config and backend-db. The problem is
that I'm not able to turn on TLS for both sync-connections at the same
time. It works for each connection but only if the second one is
unencrypted.
Working configuration:
-----
olcDatabase={0}config,cn=config
...
olcSyncrepl: {0}rid=001 provider=ldap://ldapserver1.com
binddn="cn=config" bindmethod=simple credentials=secret
searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
olcSyncrepl: {1}rid=002 provider=ldap://ldapserver2.com
binddn="cn=config" bindmethod=simple credentials=secret
searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
...
olcDatabase={1}bdb,cn=config
...
olcSyncrepl: {0}rid=003 provider=ldap://ldapserver1.com
binddn="cn=manager,dc=ldap,dc=com" bindmethod=simple
credentials=password searchbase="dc=ldap,dc=com" type=refreshOnly
interval=00:00:00:10 retry="5 5 300 5" timeout=1 starttls=yes
tls_cacert=/etc/openldap/cacerts/ca.pem
olcSyncrepl: {1}rid=004 provider=ldap://ldapserver2.com
binddn="cn=manager,dc=ldap,dc=com" bindmethod=simple
credentials=password searchbase="dc=ldap,dc=com" type=refreshOnly
interval=00:00:00:10 retry="5 5 300 5" timeout=1 starttls=yes
tls_cacert=/etc/openldap/cacerts/ca.pem
-----
Desired configuration (which doesn't work):
-----
olcDatabase={0}config,cn=config
...
olcSyncrepl: {0}rid=001 provider=ldap://ldapserver1.com
binddn="cn=config" bindmethod=simple credentials=secret
searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5"
timeout=1 starttls=yes tls_cacert=/etc/openldap/cacerts/ca.pem
olcSyncrepl: {1}rid=002 provider=ldap://ldapserver2.com
binddn="cn=config" bindmethod=simple credentials=secret
searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5"
timeout=1 starttls=yes tls_cacert=/etc/openldap/cacerts/ca.pem
...
olcDatabase={1}bdb,cn=config
...
olcSyncrepl: {0}rid=003 provider=ldap://ldapserver1.com
binddn="cn=manager,dc=ldap,dc=com" bindmethod=simple
credentials=password searchbase="dc=ldap,dc=com" type=refreshOnly
interval=00:00:00:10 retry="5 5 300 5" timeout=1 starttls=yes
tls_cacert=/etc/openldap/cacerts/ca.pem
olcSyncrepl: {1}rid=004 provider=ldap://ldapserver2.com
binddn="cn=manager,dc=ldap,dc=com" bindmethod=simple
credentials=password searchbase="dc=ldap,dc=com" type=refreshOnly
interval=00:00:00:10 retry="5 5 300 5" timeout=1 starttls=yes
tls_cacert=/etc/openldap/cacerts/ca.pem
-----
/etc/openldap/cacerts/ca.pem contains CA certificates of both servers.
What is wrong? I would be very thankful for any advice.
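An added consumer-side audit (my own code, not from the post or the OpenLDAP project) that parses olcSyncrepl values like the ones above and reports which replication sessions would run in cleartext, with best-effort StartTLS only, or without certificate validation. The sample values are constructed from the post, joined onto one line each as slapd stores them, with rid=004 changed to a hardened variant for comparison; the finding codes and texts are my own.

```python
import shlex

# Constructed sample modelled on the post: the first three values are the
# consumers from the mail joined onto one line each (slapd stores each value
# as one string), the fourth is a hardened variant added for comparison.
SYNCREPL_VALUES = [
    'rid=001 provider=ldap://ldapserver1.com binddn="cn=config" bindmethod=simple '
    'credentials=secret searchbase="cn=config" type=refreshAndPersist '
    'retry="5 5 300 5" timeout=1',
    'rid=002 provider=ldap://ldapserver2.com binddn="cn=config" bindmethod=simple '
    'credentials=secret searchbase="cn=config" type=refreshAndPersist '
    'retry="5 5 300 5" timeout=1',
    'rid=003 provider=ldap://ldapserver1.com binddn="cn=manager,dc=ldap,dc=com" '
    'bindmethod=simple credentials=password searchbase="dc=ldap,dc=com" '
    'type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 '
    'starttls=yes tls_cacert=/etc/openldap/cacerts/ca.pem',
    'rid=004 provider=ldap://ldapserver2.com binddn="cn=manager,dc=ldap,dc=com" '
    'bindmethod=simple credentials=password searchbase="dc=ldap,dc=com" '
    'type=refreshOnly interval=00:00:00:10 retry="5 5 300 5" timeout=1 '
    'starttls=critical tls_cacert=/etc/openldap/cacerts/ca.pem tls_reqcert=demand',
]

# Finding codes and explanations (my own wording, not slapd output).
FINDINGS = {
    'CLEARTEXT': 'ldap:// without starttls: bind credentials and replicated entries cross the wire unencrypted',
    'STARTTLS_NOT_CRITICAL': 'starttls=yes is best effort; starttls=critical aborts the session if StartTLS fails instead of continuing in cleartext',
    'NO_CACERT': 'TLS requested but no tls_cacert: the provider certificate cannot be validated',
    'WEAK_REQCERT': 'tls_reqcert weaker than demand disables certificate validation',
}

def parse_syncrepl(value):
    """Split one olcSyncrepl value into a dict; shlex keeps quoted fields intact."""
    params = {}
    for token in shlex.split(value):
        key, _, val = token.partition('=')   # split on the first '=' only (binddn holds more)
        params[key] = val
    return params

def audit_syncrepl(value):
    """Return the finding codes for one consumer definition (empty list = OK)."""
    p = parse_syncrepl(value)
    ldaps = p.get('provider', '').startswith('ldaps://')
    starttls = p.get('starttls', 'no')        # slapd default: no StartTLS
    tls_in_use = ldaps or starttls != 'no'
    codes = []
    if not tls_in_use:
        codes.append('CLEARTEXT')
    elif not ldaps and starttls == 'yes':
        codes.append('STARTTLS_NOT_CRITICAL')
    if tls_in_use and 'tls_cacert' not in p:
        codes.append('NO_CACERT')
    if tls_in_use and 'tls_reqcert' in p and p['tls_reqcert'] != 'demand':
        codes.append('WEAK_REQCERT')
    return codes
```

Run it over every olcSyncrepl value pulled from cn=config on each replica; the cn=config consumers (rid=001/002) above report CLEARTEXT, which matters because they carry the replication credentials themselves.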