that's not the issue. A TLS server sent it's certificate and all intermediates EXCLUDING the self signed root to the client. This is not true for my setup and I don't know why: misconfiguration or wrong ssl implementation.
Sorry, reading back over your configuration, I don't believe it's valid to specify both a CA path and a CA directory. You can use one or the other.
--Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>