The error "LDAP communication error - TLS fatal: certificate expired" is displayed in the LDAP configuration window when attempting to configure LDAP over TLS in the SonicWall UTM appliance.
This error is caused when the certificate provided by the LDAP server has expired. Renew the certificate of the LDAP server and try again.
To determine whether it is the Root CA certificate or the Domain Controller certificate that has expired, do a packet capture on the SonicWall UTM appliance under System | Packet Monitor, filtering on destination port number 636. Here is an example of an expired certificate viewed through a packet capture:
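The same Root CA versus Domain Controller question can also be answered from the certificates themselves once they are exported from the LDAP server or the capture. The following is an added example, not part of the original article: it parses text in the form printed by openssl x509 -noout -subject -issuer -enddate (one block per certificate) and reports which certificate in the chain is past its notAfter date. The sample names and dates are constructed.

```python
from datetime import datetime, timezone

# Constructed sample: text in the form printed by
# `openssl x509 -noout -subject -issuer -enddate`, one block per certificate
# in the LDAP server's chain. Names and dates are made up for illustration.
SAMPLE = """\
subject=CN = dc01.example.local
issuer=DC = local, DC = example, CN = Example-Root-CA
notAfter=Mar  3 12:00:00 2021 GMT

subject=DC = local, DC = example, CN = Example-Root-CA
issuer=DC = local, DC = example, CN = Example-Root-CA
notAfter=Jan 15 08:30:00 2035 GMT
"""

def parse_certs(text):
    """Split the text into one dict per certificate (subject, issuer, expiry)."""
    certs = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition("=")
            if sep:
                fields[key.strip()] = value.strip()
        missing = {"subject", "issuer", "notAfter"} - fields.keys()
        if missing:
            raise ValueError(f"certificate block lacks {sorted(missing)}")
        # openssl pads single-digit days with a space; collapse before parsing.
        stamp = " ".join(fields["notAfter"].split())
        parsed = datetime.strptime(stamp, "%b %d %H:%M:%S %Y GMT")
        fields["expires"] = parsed.replace(tzinfo=timezone.utc)
        certs.append(fields)
    return certs

def expired_certs(text, now=None):
    """Return (role, subject, expiry) for every certificate past notAfter."""
    now = now or datetime.now(timezone.utc)
    result = []
    for cert in parse_certs(text):
        # A self-signed certificate (subject == issuer) is the root CA; anything
        # else is the server (Domain Controller) or an intermediate certificate.
        same = cert["subject"] == cert["issuer"]
        role = "root CA" if same else "server/intermediate"
        if cert["expires"] <= now:
            result.append((role, cert["subject"], cert["expires"]))
    return result

if __name__ == "__main__":
    for role, subject, expires in expired_certs(SAMPLE):
        print(f"EXPIRED {role}: {subject} (notAfter {expires:%Y-%m-%d} UTC)")
```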