Update: The issue is now resolved. UCS Central supports both SHA-1 and SHA-2 certificates, so that was not the issue. The issue just happened to manifest itself when I was working with the SHA-2 trusted point.
The issue was related to a known bug in ...
I'm having a similar issue. I can get secure LDAP working over port 389 using StartTLS with a SHA1 LDAP certificate for UCS Central. But it fails with a SHA2 LDAP certificate. We are using Microsoft Active Directory domain controllers as LDAP servers...