I have a working setup with OpenSMTPD 6.6.4 (hosted on a debian 10) that is plugged on a OpenLDAP 2.4.50 server (hosted on a Alpine 3.8), based on this blogpost. It works with plain LDAP connection, but fails with LDAPS.

/etc/smtpd.conf

pki mail.mydomain.tld cert "/path/to/fullchain.pem"
pki mail.mydomain.tld key "/path/to/privkey.pem"
pki mail.mydomain.tld dhe auto

public_addr = "xxx.xxx.xxx.xxx"
listen on $public_addr port 465 smtps pki mail.mydomain.tld auth
listen on $public_addr port 587 tls-require pki mail.mydomain.tld auth

table ldap ldap:/etc/mail/ldap.conf

action dovecot lmtp "/var/run/dovecot/lmtp" userbase <ldap>
action "relay" relay

match from any for domain "mydomain.tld" action "dovecot"
match from any action "relay"

/etc/mail/ldap.conf

url                     ldap://ldap.mydomain.tld
username                cn=admin,dc=mydomain,dc=tld
password                xxxxxxxx
basedn                  ou=Users,dc=mydomain,dc=tld

...

Switching to ldaps://ldap.mydomain.tld in /etc/mail/ldap.conf will make OpenSMTPD fail to start:

Jul 16 16:26:55 mail.mydomain.tld systemd[1]: Starting OpenSMTPD SMTP server...
Jul 16 16:26:55 mail.mydomain.tld smtpd[5073]: info: OpenSMTPD 6.6.4p1 starting
Jul 16 16:26:55 mail.mydomain.tld systemd[1]: Started OpenSMTPD SMTP server.
Jul 16 16:26:55 mail.mydomain.tld smtpd[5077]: warn: table-proc: imsg_read: Connection reset by peer
Jul 16 16:26:55 mail.mydomain.tld smtpd[5077]: lookup: table-proc: exiting
Jul 16 16:26:55 mail.mydomain.tld smtpd[5074]: warn: parent -> lka: imsg_read: Connection reset by peer
Jul 16 16:26:55 mail.mydomain.tld smtpd[5074]: smtpd: exiting: Connection reset by peer

How can I fix this configuration to enable ldaps connection with OpenSMTPD?

warn: ldap_parse_url fail
warn: ldap_connect error
fatal: failed to connect