CA Directory uses a single port to provide both LDAP and LDAPS communication. At times one to disable non-LDAPS connection to the directory.
Release: 14.1
Component: CA Directory
If you want to force SSL-only connections from an LDAP client, you need to add the following to the settings config:
force-encrypt-anon = true;
Forces SSL encryption on anonymous binds.
OR
force-encrypt-auth = true;
Forces SSL encryption on authenticated binds.
as documented on the following link
Note that there other requirement to allow TLS/SSL communication to begin with. Please refer to the product documentation for those pre-requisites.