diff --git a/reference/ldap/constants.xml b/reference/ldap/constants.xml
index f50b839071..64dbf8b83c 100644
--- a/reference/ldap/constants.xml
+++ b/reference/ldap/constants.xml
@@ -177,6 +177,17 @@
     </simpara>
    </listitem>
   </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-diagnostic-message">
+   <term>
+    <constant>LDAP_OPT_DIAGNOSTIC_MESSAGE</constant> 
+    (<type>integer</type>)
+   </term>
+   <listitem>
+    <simpara>
+     
+    </simpara>
+   </listitem>
+  </varlistentry>
   <varlistentry xml:id="constant.ldap-opt-matched-dn">
    <term>
     <constant>LDAP_OPT_MATCHED_DN</constant> 
@@ -221,6 +232,176 @@
     </simpara>
    </listitem>
   </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-keepalive-idle">
+   <term>
+    <constant>LDAP_OPT_X_KEEPALIVE_IDLE</constant> 
+    (<type>integer</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the number of seconds a connection needs to remain idle before TCP starts sending keepalive probes.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-keepalive-probes">
+   <term>
+    <constant>LDAP_OPT_X_KEEPALIVE_PROBES</constant> 
+    (<type>integer</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the maximum number of keepalive probes TCP should send before dropping the connection.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-keepalive-interval">
+   <term>
+    <constant>LDAP_OPT_X_KEEPALIVE_INTERVAL</constant> 
+    (<type>integer</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the interval in seconds between individual keepalive probes.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-cacertdir">
+   <term>
+    <constant>LDAP_OPT_X_TLS_CACERTDIR</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the path of the directory containing CA certificates.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-cacertfile">
+   <term>
+    <constant>LDAP_OPT_X_TLS_CACERTFILE</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the full-path of the CA certificate file.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-certfile">
+   <term>
+    <constant>LDAP_OPT_X_TLS_CERTFILE</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the full-path of the certificate file.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-cipher-suite">
+   <term>
+    <constant>LDAP_OPT_X_TLS_CIPHER_SUITE</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the allowed cipher suite.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-crl-check">
+   <term>
+    <constant>LDAP_OPT_X_TLS_CRL_CHECK</constant> 
+    (<type>integer</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the CRL evaluation strategy. This must be one of: <constant>LDAP_OPT_X_TLS_CRL_NONE</constant>,<constant>LDAP_OPT_X_TLS_CRL_PEER</constant>, <constant>LDAP_OPT_X_TLS_CRL_ALL</constant>.
+    </simpara>
+    <note>
+     <simpara>
+      This option is only valid for OpenSSL.
+     </simpara>
+    </note>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-crlfile">
+   <term>
+    <constant>LDAP_OPT_X_TLS_CRLFILE</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the full-path of the CRL file.
+    </simpara>
+    <note>
+     <simpara>
+      This option is only valid for GnuTLS.
+     </simpara>
+    </note>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-dhfile">
+   <term>
+    <constant>LDAP_OPT_X_TLS_DHFILE</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the full-path  of the file containing the parameters for Diffie-Hellman ephemeral key exchange.
+    </simpara>
+    <note>
+     <simpara>
+      This option is ignored by GnuTLS and Mozilla NSS.
+     </simpara>
+    </note>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-keyfile">
+   <term>
+    <constant>LDAP_OPT_X_TLS_KEYFILE</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the full-path of the certificate key file.
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-protocol-min">
+   <term>
+    <constant>LDAP_OPT_X_TLS_PROTOCOL_MIN</constant> 
+    (<type>integer</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the minimum protocol version. This can be one of: <constant>LDAP_OPT_X_TLS_PROTOCOL_SSL2</constant>,<constant>LDAP_OPT_X_TLS_PROTOCOL_SSL3</constant>, <constant>LDAP_OPT_X_TLS_PROTOCOL_TLS1_0</constant>, <constant>LDAP_OPT_X_TLS_PROTOCOL_TLS1_1</constant>, <constant>LDAP_OPT_X_TLS_PROTOCOL_TLS1_2</constant>
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-random-file">
+   <term>
+    <constant>LDAP_OPT_X_TLS_RANDOM_FILE</constant> 
+    (<type>string</type>)
+   </term>
+   <listitem>
+    <simpara>
+
+    </simpara>
+   </listitem>
+  </varlistentry>
+  <varlistentry xml:id="constant.ldap-opt-x-tls-require-cert">
+   <term>
+    <constant>LDAP_OPT_X_TLS_REQUIRE_CERT</constant> 
+    (<type>integer</type>)
+   </term>
+   <listitem>
+    <simpara>
+     Specifies the certificate checking checking strategy. This must be one of: <constant>LDAP_OPT_X_TLS_NEVER</constant>,<constant>LDAP_OPT_X_TLS_HARD</constant>, <constant>LDAP_OPT_X_TLS_DEMAND</constant>,
+<constant>LDAP_OPT_X_TLS_ALLOW</constant>, <constant>LDAP_OPT_X_TLS_TRY</constant>.
+    </simpara>
+   </listitem>
+  </varlistentry>
   <varlistentry xml:id="constant.gslc-ssl-no-auth">
    <term>
     <constant>GSLC_SSL_NO_AUTH</constant> 
diff --git a/reference/ldap/functions/ldap-get-option.xml b/reference/ldap/functions/ldap-get-option.xml
index 885a6e4d18..dea323ff8a 100644
--- a/reference/ldap/functions/ldap-get-option.xml
+++ b/reference/ldap/functions/ldap-get-option.xml
@@ -97,6 +97,81 @@
            <entry><constant>LDAP_OPT_CLIENT_CONTROLS</constant></entry>
            <entry>array</entry>
           </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_KEEPALIVE_IDLE</constant></entry>
+           <entry>int</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_KEEPALIVE_PROBES</constant></entry>
+           <entry>int</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_KEEPALIVE_INTERVAL</constant></entry>
+           <entry>int</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CACERTDIR</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CACERTFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CERTFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CIPHER_SUITE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CRLCHECK</constant></entry>
+           <entry>integer</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CRLFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_DHFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_KEYILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_PACKAGE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_PROTOCOL_MIN</constant></entry>
+           <entry>integer</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_RANDOM_FILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_REQUIRE_CERT</constant></entry>
+           <entry>integer</entry>
+           <entry></entry>
+          </row>
          </tbody>
         </tgroup>
        </informaltable>
diff --git a/reference/ldap/functions/ldap-set-option.xml b/reference/ldap/functions/ldap-set-option.xml
index c5b0b0465a..09710ad74f 100644
--- a/reference/ldap/functions/ldap-set-option.xml
+++ b/reference/ldap/functions/ldap-set-option.xml
@@ -96,6 +96,11 @@
            <entry>string</entry>
            <entry></entry>
           </row>
+          <row>
+           <entry><constant>LDAP_OPT_DIAGNOSTIC_MESSAGE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
           <row>
            <entry><constant>LDAP_OPT_MATCHED_DN</constant></entry>
            <entry>string</entry>
@@ -111,6 +116,76 @@
            <entry>array</entry>
            <entry></entry>
           </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_KEEPALIVE_IDLE</constant></entry>
+           <entry>int</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_KEEPALIVE_PROBES</constant></entry>
+           <entry>int</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_KEEPALIVE_INTERVAL</constant></entry>
+           <entry>int</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CACERTDIR</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CACERTFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CERTFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CIPHER_SUITE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CRLCHECK</constant></entry>
+           <entry>integer</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_CRLFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_DHFILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_KEYILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_PROTOCOL_MIN</constant></entry>
+           <entry>integer</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_RANDOM_FILE</constant></entry>
+           <entry>string</entry>
+           <entry></entry>
+          </row>
+          <row>
+           <entry><constant>LDAP_OPT_X_TLS_REQUIRE_CERT</constant></entry>
+           <entry>integer</entry>
+           <entry></entry>
+          </row>
          </tbody>
         </tgroup>
        </informaltable>