Allow admin to authenticate with client certificate

[tsaarni]

"userCertificate" attribute was searched only under searchBaseDn and therefore it was not possible to use SASL EXTERNAL method with client certificate based authentication for admin user. This change adds explicit search for "userCertificate" for "uid=admin,ou=system".

[tsaarni]

This topic was briefly discussed in directory-dev email list thread here. I'm not sure if you'd be interested in this change but sending it in case this would be useful for others.