Hi Nicholas, you are on the right track. Normally selecting "Use SSL" is NOT required but it sounds like your Active Directory setup requires it. Please see this : https://social.technet.microsoft.com/wiki/contents/articles/2980.ldap-over-ssl-l daps-certificate.aspx
You can also look at the Windows events on the domain controller you are using, that will give you more clues.
Hope it helps.