I find SSLPoke super useful, running from the same host machine as my SonarQube server and making sure the same Java installation being used to run my SonarQube server is being used to run SSLPoke.java.
If you have any proxy configuration set in your conf/sonar.properties file (http.proxyHost, etc.) , you may want to check to see if you need to exclude your LDAP server from using this proxy (setting http.nonProxyHosts)
Related to SAML, there’s a useful guide here:
With a follow-up I wrote some time later on because of changing requirements in how we handle SAML (preserving host headers, forwarding certain headers, etc.)