On Mon, 15 Oct 2012, Darouichi, Aziz wrote:
TLS trace: SSL3 alert write:fatal:unknown CA
Did you (try to) configure the CA on your client (i.e. in ldap.conf or similar)? For example, a "TLS_CACERT" or "TLS_CACERTDIR" directive that points to the appropriate CA certificate. See also ldap.conf(5) man page.