Organizational CA was deleted and recreated
LDAP certificates were regenerated for the LDAP Server object
Where are the iManager specific secure LDAP certificates stored that Tomcat uses?
If for some reason this does not happen correctly, you can delete the iManager keystore database and force iManager to recreate it.
The file is %TOMCAT_HOME%\webapps\nps\WEB-INF\iMKS. Shutdown tomcat, delete this file and restart tomcat. Then launch iManager in a browser and log back into the tree to automatically import the new certificate into iManager's keystore database.
Alternately, you may also manually import the required certificate into Tomcat's JVM default keystore using the "keytool" certificate management utility available in the JDK. When creating secure SSL connections, iManager first tries the JVM's default keystore, then uses the iManager specific keystore database. For information on possible syntax examples for using the keytool java utility, please see TID 7006144.
To replace the certificate used for HTTPS traffic to iManager browser client please refer to Replacing the default certificates in iManager 2.6 (non-Apache install)