Windows: LDAPS Non Active Directory server communicating with an Active Directory controller
After installing a cert into the AD controller from your local root CA server it is important to remember that your external non AD server will also need a certificate installed. You will want to export the trusted root cert of the CA server from your CA server into the non AD server. Be certain to open 636 in your firewall. This will allow secure SSL over LDAP to go from your Non AD server to your domain controller.