LDAPS config Fortianalyzer/fortimanager

I am trying to configure my fortianalyzer and fortimanager to authenticate users through LDAPS the same way my 500D firewalls do.  On the 500D I connect to my DC servers via hostname and their certificate (single hostname with Subject Alternative Names for each DCs FQDN) handles the SSL encryption.  To do this I turn on the secure checkbox of the 500D's ldap config and select "no certificate".  The problem being that the fortianalyzer and fortimanager do not seem to have a no certificate option, they force me to use the fortinet built in cert or turn off the secure feature, neither of which work for me.  Am I missing something?  Am I required to use a client side cert?