OKi, so here is the basic setup

REHEL6.2 x64 + openldap-servers installed
TLSCertificateFile /etc/openldap/cacerts/slapdcert.pem
TLSCertificateKeyFile /etc/openldap/cacerts/slapdkey.pem

openssl req -new -x509 -nodes -out /etc/openldap/cacerts/slapdcert.pem -keyout /etc/openldap/cacerts/slapdkey.pem -days 365

ldap.conf
URI ldap://192.168.40.220/
BASE dc=domain1,dc=local
TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT allow

on ldap server
create and tested the connection with user1

!!!!!!!now on remote machine [192.168.40.11]!!!!!

-enabled ldap auth
ldap.conf
URI ldap://192.168.40.220/
BASE dc=domain1,dc=local
TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT allow

!!! on ldap server debug option has been enabled !!!

- when user1 trying to connect on remote machine [192.168.40.11] it fails

Here is the log of slapd !!
conn=1002 op=0 do_extended
ber_scanf fmt ({m) ber:
send_ldap_extended: err=0 oid= len=0
send_ldap_response: msgid=1 tag=120 err=0
ber_flush2: 14 bytes to sd 14
connection_get(14): got connid=1002
connection_read(14): checking for input on id=1002
TLS: certificate [CN=*.domain1.local,O=IBM,L=myCity\\,ST=Wienn,C=AT] is valid
connection_get(14): got connid=1002
connection_read(14): checking for input on id=1002
TLS: error: accept - force handshake failure: errno 11 - moznss error -12195
TLS: can't accept: TLS error -12195:Unknown code ___P 93.
connection_read(14): TLS accept failure error=-1 id=1002, closing
connection_close: conn=1002 sd=14

just to mention: on ldap server user1 is able to authenticate...

So... it's a ldap/openssl bug... or i did something wrong ??????

"Error -12195 is SSL_ERROR_UNKNOWN_CA_ALERT - it means the client does not know about or does not trust the CA cert that issued the SSL server cert of the server."

It means you need to install the CA cert on the client. Not sure why it doesn't give a better error.