Tweak the ldap-server-ssl role to now configure the server to only communicate via tls, starttls or ldaps