Not able to connect to openldap server in ldaps mode - CentOS

3 votes
3 answers
4939 views
I have configured my openldap server in ldaps mode. But after configuring I am not able to connect to it on port 636, whereas I am able to connect on port 389.

    [root@testldap certs]# ldapsearch -x -LLL -h testldap.india.airwave.com -p 636 -D cn=Manager,dc=india,dc=airwave,dc=com -w whopee -b "ou=Users,dc=india,dc=airwave,dc=com"
    ldap_result: Can't contact LDAP server (-1)

    [root@testldap certs]# ldapsearch -x -LLL -h testldap.india.airwave.com -p 389 -D cn=Manager,dc=india,dc=airwave,dc=com -w whopee -b "ou=Users,dc=india,dc=airwave,dc=com"
    dn: ou=users,dc=india,dc=airwave,dc=com
    objectClass: organizationalUnit
    ou: users

    dn: cn=Sandeep Lade,ou=users,dc=india,dc=airwave,dc=com
    cn: Sandeep Lade
    sn: Lade
    objectClass: inetOrgPerson
    userPassword:: d2hvcGVl
    uid: vlade

    dn: cn=Engineering,ou=users,dc=india,dc=airwave,dc=com
    cn: Engineering
    objectClass: groupOfNames
    member: cn=Sandeep Lade,ou=users,dc=india,dc=airwave,dc=com

Both 389 and 636 are listening:

    [root@testldap certs]# netstat -an | grep 389
    tcp        0      0 0.0.0.0:389     0.0.0.0:*       LISTEN
    tcp        0      0 :::389          :::*            LISTEN
    unix  2      [ ]         DGRAM                    19389
    [root@testldap certs]# netstat -an | grep 636
    tcp        0      0 0.0.0.0:636     0.0.0.0:*       LISTEN
    tcp        0      0 :::636          :::*            LISTEN
    unix  3      [ ]         STREAM     CONNECTED     13636
    [root@testldap certs]#

Able to connect to port 636 using openssl connect:

    [root@localhost sandeeplade]# openssl s_client -connect 10.22.156.157:636 -showcerts -CAfile cacert.pem
    CONNECTED(00000003)
    write:errno=104
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 0 bytes and written 307 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : 0000
        Session-ID:
        Session-ID-ctx:
        Master-Key:
        Key-Arg   : None
        Krb5 Principal: None
        PSK identity: None
        PSK identity hint: None
        Start Time: 1516769274
        Timeout   : 300 (sec)
        Verify return code: 0 (ok)
    ---
    [root@localhost sandeeplade]#

ldap.conf file:

    [root@testldap certs]# cat /etc/openldap/ldap.conf
    #
    # LDAP Defaults
    #
    # See ldap.conf(5) for details
    # This file should be world readable but not world writable.
    #BASE dc=example,dc=com
    #URI ldap://ldap.example.com ldap://ldap-master.example.com:666
    #SIZELIMIT 12
    #TIMELIMIT 15
    #DEREF never
    PORT 636
    #TLS_CACERTDIR /etc/openldap/certs
    TLS_CACERTDIR /etc/openldap/certs
    TLS_REQCERT allow
    ssl start_tls
    tls_checkpeer yes
    tls_cacertfile /etc/openldap/certs/cacert.pem
    [root@testldap certs]#

slapd.conf file:

    [root@testldap certs]# cat /etc/openldap/slapd.conf
    TLSCACertificateFile /etc/openldap/certs/cacert.pem
    TLSCertificateFile /etc/openldap/certs/server.crt
    TLSCertificateKeyFile /etc/openldap/certs/server.key
    # Use the following if client authentication is required
    #TLSVerifyClient demand
    # ... or not desired at all
    TLSVerifyClient never
    [root@testldap certs]#

Certificates are available in /etc/openldap/certs and they are generated using openssl:

    [root@testldap certs]# cd /etc/openldap/certs/
    [root@testldap certs]# ls -lrt
    total 96
    -r--------. 1 root root    45 Jan 23 21:59 password
    -rw-r--r--. 1 root root 16384 Jan 23 21:59 secmod.db
    -rw-r--r--. 1 root root 65536 Jan 23 21:59 cert8.db
    -rw-r--r--. 1 root root 16384 Jan 23 21:59 key3.db
    -rw-------. 1 ldap ldap  1743 Jan 23 23:57 server.key.pass
    -rw-r--r--. 1 root root  1094 Jan 23 23:59 server.csr
    -rw-r--r--. 1 root root  4718 Jan 24 00:02 server.crt
    -rw-r--r--. 1 root root  1675 Jan 24 00:38 server.key
    -rw-r--r--. 1 root root  4537 Jan 24 05:18 cacert.pem
    [root@testldap certs]#

ldaps enabled in /etc/sysconfig/ldap:

    [root@testldap certs]# cat /etc/sysconfig/ldap
    # Options of slapd (see man slapd)
    #SLAPD_OPTIONS=

    # At least one of SLAPD_LDAP, SLAPD_LDAPI and SLAPD_LDAPS must be set to 'yes'!
    #
    # Run slapd with -h "... ldap:/// ..."
    # yes/no, default: yes
    SLAPD_LDAP=yes

    # Run slapd with -h "... ldapi:/// ..."
    # yes/no, default: yes
    SLAPD_LDAPI=yes

    # Run slapd with -h "... ldaps:/// ..."
    # yes/no, default: no
    SLAPD_LDAPS=yes

    # Run slapd with -h "... $SLAPD_URLS ..."
    # This option could be used instead of previous three ones, but:
    # - it doesn't overwrite settings of $SLAPD_LDAP, $SLAPD_LDAPS and $SLAPD_LDAPI options
    # - it isn't overwritten by settings of $SLAPD_LDAP, $SLAPD_LDAPS and $SLAPD_LDAPI options
    # example: SLAPD_URLS="ldapi:///var/lib/ldap_root/ldapi ldapi:/// ldaps:///"
    # default: empty
    #SLAPD_URLS=""

    # Maximum allowed time to wait for slapd shutdown on 'service ldap stop' (in seconds)
    #SLAPD_SHUTDOWN_TIMEOUT=3

    # Parameters to ulimit, use to change system limits for slapd
    #SLAPD_ULIMIT_SETTINGS=""
    [root@testldap certs]#

I have been struggling to get openldap working for the past two days. Any help is highly appreciated.
Asked by Sandeep Lade (161 rep)
Jan 25, 2018, 03:44 AM
Last activity: Apr 17, 2025, 08:04 PM
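The most informative clue in the question is the `openssl s_client` output: "SSL handshake has read 0 bytes" together with "no peer certificate available" and `write:errno=104` means slapd reset the connection before sending a ServerHello or certificate, so the trailing "Verify return code: 0 (ok)" is not evidence of a working TLS listener. The following is an added example, not code from the question or from OpenLDAP, that classifies `s_client` output into these cases; both sample outputs are constructed (the first abridged from the question, the second with a placeholder certificate).

```python
import re

# Constructed sample: abridged from the s_client output quoted in the question.
RESET_DURING_HANDSHAKE = """CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
SSL handshake has read 0 bytes and written 307 bytes
---
New, (NONE), Cipher is (NONE)
    Verify return code: 0 (ok)
"""

# Constructed sample: a completed handshake whose chain does not verify.
UNTRUSTED_CHAIN = """CONNECTED(00000003)
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIB...constructed placeholder, not a real certificate...
-----END CERTIFICATE-----
---
SSL handshake has read 1342 bytes and written 431 bytes
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
    Verify return code: 18 (self signed certificate)
"""


def diagnose_s_client(output):
    """Return (status, explanation) for the text printed by `openssl s_client`."""
    m = re.search(r"SSL handshake has read (\d+) bytes", output)
    bytes_read = int(m.group(1)) if m else 0
    m = re.search(r"Verify return code: (\d+)", output)
    verify_code = int(m.group(1)) if m else None
    got_cert = "BEGIN CERTIFICATE" in output
    if "CONNECTED" not in output:
        return ("no-tcp", "TCP connect failed: nothing listening, or the port is filtered")
    if bytes_read == 0 or not got_cert:
        # TCP was accepted but the server sent nothing back; errno=104 is a reset by peer.
        # "Verify return code: 0 (ok)" is meaningless here: no certificate was verified.
        why = "server closed the connection before sending its certificate"
        if "errno=104" in output:
            why += " (connection reset by peer)"
        return ("server-aborted", why + "; inspect slapd's TLS cert/key loading and its log")
    if verify_code:
        return ("untrusted", "handshake completed but chain verification failed (code %d)" % verify_code)
    return ("ok", "handshake completed and the certificate chain verified")
```

Pipe real output in with `openssl s_client -connect host:636 -showcerts -CAfile cacert.pem </dev/null` and pass the captured text to `diagnose_s_client`; a `server-aborted` verdict points at the server side, not at client trust settings.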