It is indeed unreasonable for both ends of rats-tls to use self-signed certificates by default.
For the self-signed certificate in the mTLS scenario: if the other party is in a non-TEE environment, as a verifier, it will naturally return a self-signed certificate. However, if the programs on both sides of the integrated rats-tls are placed on the public network, they will receive any benevolent or malicious requests. If a malicious verifier and attester do mTLS, it means that the attester has approved the self-signed certificate sent by the other party.
Even if it is really recognized, it should not be the default behavior, because under normal circumstances the verifier also has a certificate issued by a legal CA, not a self-signed certificate. The verifier's self-signed certificate is only present in the test environment.
So this block should have a control option to determine whether the self-signed certificate can pass the verification.