LDAP failover does not work if the primary LDAP failover server is set to SSL and the secondary server is set to non-SSL. There is no workaround at this time.