ActiveDirectory Synchronization Communications
If you want to encrypt the directory synchronization traffic between ActiveDirectory and the Management Server,
you must installa server-sideTLS/SSL certificate on the domain controller.This certificate must possess the following characteristics:
Valid during the period in which it will be used;
Enabled for server authentication;
Contains the privatekey;
Issued to the FQDN of the domain controller ;and
Installed in the Personal certificate store of the computer hosting the domain controller.