According to
this manual (REVC), you can't configure VLAN memberships for Link Aggregation Groups (LAG) - instead you have to configure identical VLAN settings (same tagged and untagged memberships and PVID settings) for any LAG member port. See the NOTE on page 45: "Each combined trunk port must be connected to devices within the same VLAN group."
I'd suggest you start with a single link to connect your AP (e.g. via port 11) and try to configure a working VLAN configuration. Given, your AP supports multi SSID mapped to several VLANs, all of them sent and received tagged, port 11 must be set to be a tagged member of both VLAN 2 and VLAN 3 and no further (tagged or untagged) VLAN memberships. Since untagged frames are not received by port 11 ('cause your AP only sends tagged frames), the PVID setting of port 11 doesn't matter, you should set it to some dummy VLAN (e.g. VLAN 1000), that isn't used for purposes other than to be a dummy data sink. In addition define access ports for VLAN 2 (untagged membership and PVID=2) and VLAN 3 (untagged membership and PVID=3).
If the scenario works, add port 12 to form a LAG (same VLAN/PVID settings as for port 11!). Problems may arise, if you configure LACP for the switch while your AP only supports static LAG. In this case also configure static LAG at the switch. In case LACP is supported and configured, choose one end of the LAG to be "active" (e.g. the switch) while the other end is set to "passive".