[Dovecot] dovecot + ldap tls

[aza zel]

hi...
i trying to have a secure conetion between dovecot and directory server, but
i cant do it. The documentation are so poor (
http://wiki.dovecot.org/AuthDatabase/LDAP)
these are my configurations files:

(pre: i have a directory server accepting secure conections (port 389 via
TLS and port 636 via SSL).

File "/opt/csw/etc/dovecot-ldap.conf":

hosts=100.0.4.98
dn = cn=bindmailusers,cn=mailusers,dc=prueba,dc=uy
dnpass =passbindmailUsers
tls = yes
ldap_version = 3
base= cn=mailUsers,dc=prueba,dc=uy
deref = never
scope = subtree
user_attrs = uidnumber=uidnumber,
gidnumber=gidnumber,homedirectory=homedirectory, mailbox=mailbox
user_filter = (&(objectClass=mailaccount)(uid=%u)(disableimap=FALSE))
pass_attrs = uid=uid,userpassword=password
pass_filter= (&(objectClass=mailaccount)(uid=%u)(disableimap=FALSE))
default_pass_scheme = CRYPT
user_global_uid =12356
user_global_gid =12356

File "/opt/csw/etc/openldap/ldap.conf" (openldap client):

TLS_REQCERT     allow
host    100.0.4.98
TLS_CACERT /opt/csw/etc/postfix/ldap-cert/cacert.pem

these are my log file:

# tail dovecot-log.log
:
:
dovecot: May 22 15:48:31 Error: auth(default): LDAP: ldap_start_tls_s()
failed: Can't contact LDAP server

any suggest :(

-- 
Salu2 ;)