Usando SSL no slapd

Estou configurando o slapd para usar SSL no Fedora 14. Eu tenho o seguinte em meu /etc/openldap/slapd.d/cn=config.ldif:

olcTLSCACertificateFile: /etc/pki/tls/certs/SSL_CA_Bundle.pem
olcTLSCertificateFile: /etc/pki/tls/certs/mydomain.crt
olcTLSCertificateKeyFile: /etc/pki/tls/private/mydomain.key
olcTLSCipherSuite: HIGH:MEDIUM:-SSLv2
olcTLSVerifyClient: demand

e o seguinte no meu / etc / sysconfig / ldap:

SLAPD_LDAP=no
SLAPD_LDAPS=yes

No meu arquivo ldap.conf, tenho

BASE    dc=mydomain,dc=com
URI ldaps://localhost
TLS_CACERTDIR /etc/pki/tls/certs
TLS_REQCERT allow

No entanto, quando me conecto ao host local, o ldapsearch retorna o seguinte:

ldap_initialize( <DEFAULT> )
ldap_create
Enter LDAP Password: 
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 127.0.0.1:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
TLS: loaded CA certificate file /etc/pki/tls/certs/978601d0.0 from CA certificate directory /etc/pki/tls/certs.
TLS: loaded CA certificate file /etc/pki/tls/certs/b69d4130.0 from CA certificate directory /etc/pki/tls/certs.
TLS certificate verification: defer
TLS: error: connect - force handshake failure: errno 0 - moznss error -12271
TLS: can't connect: .
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

O que eu tenho incorreto?