Error to enroll/join IPA clients on IDM domain

Issue

The system is reporting error during the ipa-client-install:

2022-03-30T22:03:48Z DEBUG stderr=
2022-03-30T22:03:48Z DEBUG trying to retrieve CA cert via LDAP from hostidm.local
2022-03-30T22:03:48Z DEBUG retrieving schema for SchemaCache url=ldap://hostidm:389 conn=<ldap.ldapobject.SimpleLDAPObject object at 0x7f42876ee9e8>
2022-03-30T22:03:48Z ERROR unable to convert the attribute 'cacertificate;binary' value b'0\x82\x03\x970\x82\x02\x7f\xa0\x03\x02\x01\x02\x02\x01\x010\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x000:1\x180\x16\x06\x03U\x04\n\x0c\x0fCIP-COREX.LOCAL1\x1e0\x1c\x06\x03U\x04\x03\x0c\x15Certificate Authority0\x1e\x17\r171003232355Z\x17\r371003232355Z0:1\x180\x16\x06\x03U\x04\n\x0c\x0fDOMAIN.LOCAL1\x1e0\x1c\x06\x03U\x04\x03\x0c\x15Certificate Authority0\x82\x01"0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x01\x05\x00\x03\x82\x01\x0f\x000\x82\x01\n\x02\x82\x01\x01\x00\xab\x9a^I|\xec/lG\xb0\xa9\x99\xa4\xd9\xa1\x05\xacz+\x974\xb7\xcf\xcf\xaf\x94\xd2A\x98\xb0\x8balM\x14\x1eW\x81\xba\x91]F\x07\x1f\xf0\xf8*\xb1Z\xc9\x1bN\xff|\xa2\x01\x8b\x96\xcc\xcf;\xbeX&\xcfz\x1e\xdfkB\xf2$\nVA,\x99\x0c\xce\xfc\xeeC\xa1E\xa0\xbc\xaa6\x90\xb0\x9a\xc4\xc6\xf5\xd56\xb8j|nKJ;\x83\xb7\x94E\x87^\x89\xc4{\x01\xbd\xf9\xb2nAT=\x07\x82.\xaaVW\x1d\xc0\x1c\xda\xa9\x0bO#\xd4\x91$6-\x96Y\xa9\xec30\xeeL\x1f\xdc\xe1Ic\x97>m>\xdb\xee,n\x1b\xab\xd1:j\t}\xd1mN\xa4\xbb|\x1d\xf3\xb9\x88\xb8\x08m\x19b\xc6\x862\x19?\x88\xffh\xe2c0\x1a]\xfc5\xab_\x02(\xfe\xef\xcd\x13\x8a\xee\xcf\xe7_\x148\xa6\xccX\xad\xc5\xbc\x87\x93Q\'7x8\xdb+[\xb7l\x8e\x96=\x81@\x9d\x1c\xd0\xea1\xf5\x82\t\x11\xa7\xc0\x06\x93\xa9(\\\x04>gj\x01\x02\x03\x01\x00\x01\xa3\x81\xa70\x81\xa40\x1f\x06\x03U\x1d#\x04\x180\x16\x80\x14^\xaf\n}\xc6e\x0f,\xe9\xcb\xcd[h\xbe\xbb\x8c/\xc8\xfe\xd20\x0f\x06\x03U\x1d\x13\x01\x01\xff\x04\x050\x03\x01\x01\xff0\x0e\x06\x03U\x1d\x0f\x01\x01\xff\x04\x04\x03\x02\x01\xc60\x1d\x06\x03U\x1d\x0e\x04\x16\x04\x14^\xaf\n}\xc6e\x0f,\xe9\xcb\xcd[h\xbe\xbb\x8c/\xc8\xfe\xd20A\x06\x08+\x06\x01\x05\x05\x07\x01\x01\x0450301\x06\x08+\x06\x01\x05\x05\x070\x01\x86%http://ipa-ca.cip-corex.local/ca/ocsp0\r\x06\t*\x86H\x86\xf7\r\x01\x01\x0b\x05\x00\x03\x82\x01\x01\x00\\R\x8b\x8e\xa1\xe4^L*\n\xfe#!\x1ba\xdd\x96y\xff\x08W\xd0$c(_\xfa\x02\xe2/\xdd\x96\x8837e\x91\xdf\xd5\x98\x80p\xe4\x1c\xfa\xefx\xde\xda\xfb\x95S\x95]\xc7\xa5\x8e\x83U\x83wL\x92\xf7\x00+\x91>\xb5\xf7\xc8\x9e\xfa\x8eqXr\xc3\xb1\xeb\x03\xa3\xf4+\xe2\xe7e\xfc+9\x98\xe0fT\x7f\xb3m\xde\x8a\'q\x08\xb6\xbf\xef\x8a3\xf9\x1a\xf5\txp"\xcdt3\xad\x1d\x94\xd2\xc0\x9e\xb2R\x18\x04\x10\xdcz3\x1f%[\xac]\xa7iH\x0bsR>9\xf5\xbd\xdf\tvd\xa6\x1b\xeb\x8ad\x89\xac\x8e\xcfI\xa2\xa3\xf6\x17M\xbd"\x00\xa5OS\xcb\xf1\xa7\x89\xab\xe4\xbb\xaep\x89\xc7O\xe9ns\x12g\x08\xaeX\xfdz^1I\x0f\xcd\x8c\xa3i\x98\xaa~C5\x17\t\xbb\x81\x14\xa2\xc4\x82\xc4\x1dr\xabPU\xc3ze\x85\xf1\xc8\n\x88\xb4\x00\t\xde\x95,\xbe\xab\xdb\x8b\xa2\xa2\xd0/\x13\xce\xa2\x98<\xfb\xb4l\x01\x8a\xce\xf2HS' to type <class 'cryptography.x509.base.Certificate'>
2022-03-30T22:03:48Z DEBUG get_ca_certs_from_ldap() error: unsupported format character 't' (0x74) at index 1679
2022-03-30T22:03:48Z DEBUG unsupported format character 't' (0x74) at index 1679
2022-03-30T22:03:48Z ERROR Cannot obtain CA certificate
'ldap://hostidm.local' doesn't have a certificate.
2022-03-30T22:03:48Z ERROR Installation failed. Rolling back changes.