Unable to add Active Directory domain controllers due to cert error

Article ID: 400113


Products

VMware NSX

Issue/Introduction

Adding Active Directory as an authentication method fails when the certificate is provided for the server. When the server certificate is added, the following error message is displayed: "An undetermined error occurred."

Environment

VMware NSX 4.1+

Cause

This issue occurs because the older, insecure TLS cipher suites are disabled in NSX 4.1. If the LDAP server does not support the more secure cipher suites that NSX uses, connections will fail. LDAP servers must also support at least TLS version 1.2, or connections will fail. TLS versions 1.1 and earlier are now considered insecure, and NSX does not support them by default.
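To confirm this cause from an admin workstation, the following added example (not from the original article and not NSX code) reports which TLS version and cipher suite an LDAPS listener negotiates and flags results that fall short of TLS 1.2. Assumptions: the function names, LDAPS on port 636, and the "strong suite" heuristic (ephemeral key exchange plus an AEAD cipher), since the article does not list the exact suites NSX accepts.

```python
import socket
import ssl

# Assumption: a "strong" suite uses an AEAD cipher and ephemeral key exchange.
# This is a heuristic, not the list of suites NSX 4.1 accepts.
AEAD_MARKERS = ("GCM", "CHACHA20", "CCM")


def assess(version, cipher):
    """Return a list of problems for a negotiated (TLS version, cipher) pair."""
    problems = []
    if version not in ("TLSv1.2", "TLSv1.3"):
        problems.append(f"{version} is below TLS 1.2")
    if not any(marker in cipher for marker in AEAD_MARKERS):
        problems.append(f"{cipher} is not an AEAD suite")
    # TLS 1.3 suites are always ephemeral; TLS 1.2 names state the key exchange.
    if version != "TLSv1.3" and not cipher.startswith(("ECDHE-", "DHE-")):
        problems.append(f"{cipher} has no forward secrecy")
    return problems


def probe(host, port=636, timeout=5.0):
    """Handshake with an LDAPS endpoint, offering everything the local OpenSSL
    build supports, and return the (version, cipher) the server selected."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # diagnostic only: this inspects the
    ctx.verify_mode = ssl.CERT_NONE   # negotiation, not the trust chain
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.set_ciphers("ALL:@SECLEVEL=0")  # let the server reveal its choice
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.cipher()[0]


if __name__ == "__main__":
    # Constructed sample results, standing in for probe("dc01.example.test").
    samples = [
        ("TLSv1.2", "ECDHE-RSA-AES256-GCM-SHA384"),
        ("TLSv1.2", "AES128-GCM-SHA256"),
        ("TLSv1", "AES256-SHA"),
    ]
    for version, cipher in samples:
        issues = assess(version, cipher)
        print(version, cipher, "->", "; ".join(issues) or "OK")
```

A result flagged by `assess` means the domain controller preferred a weak protocol or suite even though stronger ones were offered, which points at the LDAP server's TLS configuration rather than the certificate itself.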

Resolution

The LDAP server should be updated to negotiate stronger SSL ciphers.

If this is not possible, contact Broadcom support for possible workarounds.