I kept reading through the documentation and thought maybe it was the JWP ssl certificate.
So I ran the installcert command, and it turns out the ldap server is already trusted.
java -jar ucsrvjp.jar -installcert adldap.itp.netflix.net:636
Loading KeyStore /usr/java/jre1.7.0_80/lib/security/cacerts...
Opening connection to adldap.itp.netflix.net:636...
Starting SSL handshake...
No errors, certificate is already trusted.
So that was not the issue.