I am attempting to connect my zimbra instance to my newer LDAP server that uses 389 Directory Server. I have TLS/SSL enabled on the LDAP server and most of the servers are happy to work with it. I usually set the ldap up in the /etc/ldap.conf and everything is happy. When adding the server to the Authentication tab in the Admin Console, I click SSL and ldaps:// comes up as it should. I put the bind DN and password in, everything seems fine. The Test cinfig button shows the following error:

"SSL connect problem, most likely untrusted certificate"

How do I get this certificate to be trusted?

Most of my clients use a cacert.asc file to verify the cert. Any ideas why I cannot get zimbra to look to this cacert.asc file to verify things? I have placed it in the /etc/openldap/cacerts and /opt/zimbra/ssl/zimbra/ca/

Do I need to edit the /opt/zimbra/ssl/zimbra/ca/zmssl.conf file? In what way? Specifying a cacert file is possible here? If not how would I convert it to the pem crt csr key format?

This is all so my zimbra server can do LDAP(S) lookups to another server on my network. No one will look to the cacert.asc except my zimbra server.