providers/ldap: add StartTLS support (#5861)

* providers/ldap: add StartTLS support

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add starttls test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update form and docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* re-add tls server name

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

website/docs/providers/ldap/index.md

@@ -56,11 +56,13 @@ Starting with 2021.9.1, custom attributes will override the inbuilt attributes.
 Starting with 2023.3, periods and slashes in custom attributes will be sanitized.
 :::
 
-## SSL
+## SSL / StartTLS
 
 You can also configure SSL for your LDAP Providers by selecting a certificate and a server name in the provider settings.
 
-This enables you to bind on port 636 using LDAPS, StartTLS is not supported.
+Starting with authentik 2023.6, StartTLS is supported, and the provider will pick the correct certificate based on the DN a bind attempt is made with.
+
+This enables you to bind on port 636 using LDAPS.
 
 ## Integrations