Hi Will,
At this time we do not have any plans to add StartTLS with LDAP since it is something that isn't in demand for by other clients.
Checking back through our previous forum questions, we did have someone ask this question before back in 2005 -
https://www.labkey.org/announcements/home/CPAS/Forum/thread.view?rowId=41
However, the code pointers in that old forum post are outdated and the functionality has been moved into LdapAuthenticationManager.connectToLdap(). So if you're interested in modifying the code further to have it work with TLS, you could give this a try.
Regards,
Jon