feat(ldap): adding root ca option to ldap config (#9292)

# Which Problems Are Solved

Adding ability to add a root CA to LDAP configs

# Additional Context

- Closes https://github.com/zitadel/zitadel/issues/7888

---------

Co-authored-by: Iraq Jaber <IraqJaber@gmail.com>

internal/idp/providers/ldap/ldap_test.go

@@ -18,11 +18,13 @@ func TestProvider_Options(t *testing.T) {
 		userObjectClasses []string
 		userFilters       []string
 		timeout           time.Duration
+		rootCA            []byte
 		loginUrl          string
 		opts              []ProviderOpts
 	}
 	type want struct {
 		name                       string
+		rootCA                     []byte
 		startTls                   bool
 		linkingAllowed             bool
 		creationAllowed            bool
@@ -114,6 +116,7 @@ func TestProvider_Options(t *testing.T) {
 				userObjectClasses: []string{"object"},
 				userFilters:       []string{"filter"},
 				timeout:           30 * time.Second,
+				rootCA:            []byte("certificate"),
 				loginUrl:          "url",
 				opts: []ProviderOpts{
 					WithoutStartTLS(),
@@ -138,6 +141,7 @@ func TestProvider_Options(t *testing.T) {
 			},
 			want: want{
 				name:                       "ldap",
+				rootCA:                     []byte("certificate"),
 				startTls:                   false,
 				linkingAllowed:             true,
 				creationAllowed:            true,
@@ -172,11 +176,13 @@ func TestProvider_Options(t *testing.T) {
 				tt.fields.userObjectClasses,
 				tt.fields.userFilters,
 				tt.fields.timeout,
+				tt.fields.rootCA,
 				tt.fields.loginUrl,
 				tt.fields.opts...,
 			)
 
 			a.Equal(tt.want.name, provider.Name())
+			a.Equal(tt.want.rootCA, provider.rootCA)
 			a.Equal(tt.want.startTls, provider.startTLS)
 			a.Equal(tt.want.linkingAllowed, provider.IsLinkingAllowed())
 			a.Equal(tt.want.creationAllowed, provider.IsCreationAllowed())