diff --git a/ldap/manifests/init.pp b/ldap/manifests/init.pp
index db8153a..5e05300 100644
--- a/ldap/manifests/init.pp
+++ b/ldap/manifests/init.pp
@@ -34,7 +34,8 @@ class ldap::auth inherits ldap::client {
                     augeas { "nslcd-conf":
                         changes => [ "set pagesize 500",
                                      "set ssl on",
-                                     "set tls_reqcert never", ],
+                                     "set tls_reqcert never",
+                                     "rm tls_cacertdir", ],
                         onlyif  => [ "get pagesize != 500",
                                      "get ssl != on",
                                      "get tls_reqcert != never", ],
@@ -44,7 +45,8 @@ class ldap::auth inherits ldap::client {
                     }
                     augeas { "pam-ldap-conf":
                         changes => [ "set ssl on",
-                                     "set pam_password exop", ],
+                                     "set pam_password exop",
+                                     "rm tls_cacertdir", ],
                         onlyif  => [ "get ssl != on",
                                      "get pam_password != exop", ],
                         incl    => "/etc/pam_ldap.conf",