If a Windows Server 2003 domain controller is not correctly handling the certificate expiration of an LDAP over SSL certificate, it is most likely because the appropriate Quick Fix Engineering (QFE) update described in KB 932834 has not been applied.
When a QFE is created and released, it is expected to solve a specific issue. In this case, the KB 932834 discusses a situation where the Windows Server 2003 domain controller has to be restarted whenever its certificate for LDAP over SSL expires and is renewed. Even if you have applied the latest Service Pack to your Windows Server 2003 computer, you may still need the hotfix. The way to tell is to navigate to the actual file on the domain controller and check its properties. For example, notice that the File version number listed is later than (higher number 5.2.3790.4501) than the qfe version (5.2.3790.4102) shown in the article.
QFE vs GDR/LDR hotfix
QFE vs. GDR
You may be unable to connect to a Windows Server 2003-based domain controller by using LDAP over an SSL connection (KB 932834)
What is the difference between general distribution and limited distribution releases?