Five or six years ago LDAP had an issue in using SSL for NSS and pam.d authentication. As a result you had to use NSCD to make it work.
One would expect that over the years this was solved. This week I was adding new virtual servers to our Vsphere “cloud” and guess what! Same problem still exists (or at least I feel it’s the same).
It *is* a bug, not a feature! Please fix this!