The LDAP parameters have been configured properly and the user is able to verify the LDAP parameters correctly. However, when enabling the encryption checkbox the LDAP parameters do not get verified.
This issue occurs because EM is not able to verify the LDAP server certificate to establish the secure connection with the LDAP server. The LDAP server certificate (if self signed) or the signing chain for the LDAP server certificate must be imported into the CA certs file of the JRE used by Enterprise Manager.
On the EM system, open a command prompt and go to the C:\Program Files\Java\jre1.7.x\bin folder.
Run the following at the command prompt, where <ldapserver> is replaced by a friendly name for the ldap server host or the signing authority as applicable:
Note: There may be a chain leading to the root certificate so the step may need to be repeated for each certificate in the chain. If you do need to add multiple certificates make sure to specify a different alias name for each import. For example: