|TLS does not require port 636. Port 636 is the default port for SSL, not TLS. TLS can operate on the standard port 389 or any port you listen on.|
His problem appears to be related to the client, not the server. The client does not know where to find the CA to validate the cert. Dieter already answered the question.