If I add strategy in authentication.conf manually and edit ldap.conf
authentication.conf
[test_ldap]
SSLEnabled = 1
host = ldap.myldap.com
port = 636
anonymous_referrals = 1
bindDN = xxxx
bindDNpassword = xxxx
emailAttribute = mail
groupBaseDN = xxxx
groupMappingAttribute = dn
groupMemberAttribute = member
groupNameAttribute = cn
nestedGroups = 0
network_timeout = 20
realNameAttribute = displayname
sizelimit = 1000
timelimit = 15
userBaseDN = dc=xxxx
userNameAttribute = uid
ldap.conf
ssl start_tls
TLS_REQCERT never
TLS_CERT <SPLUNKHOME>/auth/mycert.pem
TLS_KEY <SPLUNKHOME>auth/myprivatekey.pem
The reason for failure is that TLS_CERT and TLS_KEY are user-only options according to man page for LDAP.CONF(5).
TLS_CERT
Specifies the file that contains the client certificate. This is a user-only option.
TLS_KEY
Specifies the file that contains the private key that matches the certificate stored in the TLS_CERT file. Currently, the private key must not be pro‐
tected with a password, so it is of critical importance that the key file is protected carefully. This is a user-only option.
All user-only options must be in .ldaprc or ldaprc file not ldap.conf. Location for .ldaprc/ldaprc is under user's home directory and not under splunk install directory.
user files $HOME/ldaprc, $HOME/.ldaprc