Hi all: I am running Scientific Linux 6 (a Red Hat enterprise repackage). Until recently these machines were interacting fine with our ldap setup. We use a self signed cert for the ldap servers and deploy the CA cert in /etc/openldap/cacert.pem.
Using the disastrous packages created by RedHat with its broken linking to NSS instead of OpenSSL is just asking for trouble. Install a usable build of OpenLDAP.
If you are not comfortable building OpenLDAP and related dependencies yourself, then I would suggest using the packages from the LTB project: <http://ltb-project.org/wiki/download#openldap>
Until you do, you're essentially wasting your time anyone else's by asking questions while using the mess that RedHat ships.
--Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration