Quote Originally Posted by rthonpm View Post
Not quite. That's it's most common use but it can be used for multiple services that require encrypted connections.

I've used it to encrypt remote MySQL connections in a few off the wall setups.

Sent from my Pixel 6 Pro using Tapatalk
For what he is trying to do, he does not need it unless the Kyocera he is trying to scan from does not support TLS. He is trying to scan to Google Secure LDAP expecting the Certificate on the Kyocera to be all he needs. The truth is Google Secure LDAP may may require the use of both a certificate and a username/password. It depends on how the account on the Google cloud is configured.
Why do I need both a certificate and access credentials to authenticate LDAP clients? Only the certificate authenticates the LDAP client. The access credentials only exist if the client insists upon also sending a username and password. On their own, the access credentials don’t confer any access to the LDAP server or user data, but they should be kept secret to prevent them from being used to log in to certain LDAP clients.

In the case where an LDAP client requires access credentials, we authenticate LDAP clients with both certificates and access credentials.
From FAQs: Secure LDAP service - Google Workspace Admin Help
The document contains a link for if the Kyocera does not support TLS and therefore has to use Stunnel to the client certificate.