If you are going to run a self-signed cert, there is a config file option to have it not verify the certificate. It is probably trying to verify the certificate chain. A debug connection would probably verify that. We use internally-generated certs from our own CA but they are NOT self-signed. I provide the location of our site's CA.cert file and that takes care of that.