This article covers how to configure Active Directory so that clients can communicate with it over SSL.
If the Windows Certificate Authority role is running on the domain controller, then there is nothing more to do. SSL/TLS (LDAPS) is automatically enabled for Active Directory.
For instructions on how to install a certificate authority, see: Install the Certification Authority
When there is a multi-tier certificate authority (CA) hierarchy in place, Active Directory is not automatically enabled for SSL/TLS (LDAPS).
To enable it in this case, see: LDAP over SSL (LDAPS) Certificate
A third-party certificate authority can be used to enable SSL/TLS (LDAPS) for Active Directory.
To enable using a third-party certificate authority see: Enable LDAP over SSL with a third-party certification authority
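Whichever of the three setups above applies, it is worth confirming from a client that the domain controller actually answers on LDAPS and presents a usable certificate. The PowerShell below is an added example, not part of the original article or of any Microsoft tooling. `Test-LdapsCertificate` is a hypothetical helper name, `dc01.example.com` is a placeholder, and the default LDAPS port 636 and English-language Windows certificate formatting are assumed.

```powershell
# Added example: connect to a DC over LDAPS and report on the certificate it presents.
function Test-LdapsCertificate {
    param(
        [Parameter(Mandatory)][string]$Server,  # FQDN of the domain controller
        [int]$Port = 636                        # default LDAPS port
    )
    $ssl = $null
    $tcp = [System.Net.Sockets.TcpClient]::new()
    try {
        $tcp.Connect($Server, $Port)
        # Accept any certificate during the handshake so it can be inspected;
        # trust is evaluated separately below and reported in the output.
        $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback]{ $true }
        $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, $acceptAll)
        $ssl.AuthenticateAsClient($Server)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)

        # The chain must build to a root that this client trusts.
        $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
        $trusted = $chain.Build($cert)

        # Enhanced Key Usage should include Server Authentication (1.3.6.1.5.5.7.3.1).
        $eku = $cert.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
        $serverAuth = [bool]($eku -and ($eku.EnhancedKeyUsages.Value -contains '1.3.6.1.5.5.7.3.1'))

        # The server FQDN should appear in the subject CN or in a SAN DNS entry.
        $names = @($cert.GetNameInfo('SimpleName', $false))
        $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
        if ($san) {
            $names += [regex]::Matches($san.Format($false), 'DNS Name=([^,\s]+)') |
                ForEach-Object { $_.Groups[1].Value }
        }

        [pscustomobject]@{
            Server        = $Server
            Protocol      = $ssl.SslProtocol
            Subject       = $cert.Subject
            NotAfter      = $cert.NotAfter
            Expired       = $cert.NotAfter -lt (Get-Date)
            ChainTrusted  = $trusted
            ServerAuthEku = $serverAuth
            NameMatches   = $names -contains $Server
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $tcp.Dispose()
    }
}
Test-LdapsCertificate -Server 'dc01.example.com'   # placeholder host name
```

A connection failure means nothing is listening on the LDAPS port or the handshake failed, while a `False` in `ChainTrusted`, `ServerAuthEku` or `NameMatches` points at the certificate rather than the listener.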
Additional useful links on enabling SSL/TLS (LDAPS) with Active Directory:
How to enable LDAP signing in Windows Server
Troubleshoot LDAP over SSL connection problems