Sarah Jay wrote:So now for LDAPS we should use SSL for both ways
This assertion doesn't make a lot of sense. SSL is a bidirectional protocol. Either both sides use the same SSL connection, or neither does.
SSL certificate is mandatory
Theoretically not. The SSL spec states that both client and server certificates are optional.
In practice, pretty much all secure application layer protocols require server authentication through certificates at the socket layer. However, most servers will allow clients to connect without a client certificate. Instead, client authentication is performed at the application level (using usernames and passwords or single sign-on)
And if I have to use SSL certificates could you please give me an Idea how can I do it...
Wasn't this already explained in your other topic, regarding how to set up the domain controller? For the client side, I don't think you need certificates. If you do, you can probably find out how through the JSSE reference guide, which you can find through the page you linked to.