To be able to use ldapsearch line command, with ssl server setup,
setup a keyring for the user that contains the signing certauth certificates of the server certificate.
Then setup a file called ldaprc in the users home directory.
The contents of ldaprc should be...
You can also specify any preferred cipher suite e.g.
And add minimum protocol level e.g.
note: only TLS_KEYRING is required.
This link provides details of all available client configuration options.