[REST] Add option to configure TLS settings in REST client #13190
Conversation
```java
import org.apache.hc.client5.http.ssl.HttpsSupport;
import org.apache.hc.core5.ssl.SSLContexts;

public interface TLSConfigurer {
```
can we have functions for the constructor DefaultClientTlsStrategy which accepts TLS protocol and cipher suites as well, we are 5.5, this will be really helpful in enforcing TLS 1.3 and only certain cipher suites which a maintainer may want to enforce
Sure, added. I left HostnameVerificationPolicy and SSLBufferMode at default for now to avoid any Apache HTTP dependencies in the interface.
singhpk234
left a comment
LGTM, thanks @bryanck !
```java
}

@Test
public void testLoadTLSConfigurer_NoArgConstructorNotFound() {
```
nit: I know we use this naming scheme with _ in the name in TestCatalogUtil but I feel like just omitting it reads better
Yes, agreed, the underscore convention isn't used in this test class anyway so I removed it.
nastra
left a comment
looks great, thanks @bryanck
Thanks for the reviews @nastra and @singhpk234!
This PR adds an option to the REST client to configure TLS settings via a pluggable configurer class. Java supports setting some TLS parameters via System properties, but doing so will affect all connections, and causes issues with clients such as the S3 client.
Also, while some basic parameters could be set via catalog properties, using a plugin approach allows the most flexibility when configuring mutual authentication, which can involve custom logic for certificate and host name verification. This aligns with the pluggable model currently used for AuthManagers.
If useful, we could follow this PR up with an implementation that is driven off of catalog properties, for cases that don't need special logic. This would allow setting the keystore and the truststore specifically for the REST client, for example.
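The kind of strict configuration the review thread asks for (TLS 1.3 only, a fixed cipher-suite list, mutual authentication with a client keystore and a dedicated truststore), written out as an added example. This is not Iceberg's code and it does not implement the TLSConfigurer interface, whose method signatures are not shown on this page; it is a plain factory that returns the DefaultClientTlsStrategy a configurer would hand to the REST client. The class name, parameter names, the use of the five-argument DefaultClientTlsStrategy constructor from HttpClient 5, SSLBufferMode.STATIC and the default hostname verifier are all assumptions of this example.

```java
import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.net.ssl.SSLContext;
import org.apache.hc.client5.http.ssl.DefaultClientTlsStrategy;
import org.apache.hc.client5.http.ssl.HttpsSupport;
import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
import org.apache.hc.core5.ssl.SSLContexts;

// Added example, not project code: builds a TLS strategy scoped to one HTTP
// client. Contrast with -Djavax.net.ssl.keyStore / trustStore, which change the
// JVM default SSLContext and therefore every TLS client in the process.
public final class StrictMtlsTlsStrategyFactory {

  // Only TLS 1.3 is offered, so a peer that cannot negotiate it fails the
  // handshake instead of silently falling back to an older version.
  private static final String[] PROTOCOLS = {"TLSv1.3"};

  // AEAD-only suites; these are the TLS 1.3 suite names from RFC 8446.
  private static final String[] CIPHER_SUITES = {
      "TLS_AES_256_GCM_SHA384",
      "TLS_CHACHA20_POLY1305_SHA256",
      "TLS_AES_128_GCM_SHA256",
  };

  private StrictMtlsTlsStrategyFactory() {}

  /**
   * Builds a strategy that presents the client certificate from {@code keystore}
   * and trusts only the CAs in {@code truststore}. Passwords are char[] so the
   * caller can zero them after use.
   */
  public static DefaultClientTlsStrategy create(
      File keystore,
      char[] keystorePassword,
      char[] keyPassword,
      File truststore,
      char[] truststorePassword)
      throws IOException, GeneralSecurityException {
    // An SSLContext private to this client: key material for mutual auth,
    // trust material limited to the REST catalog's CA rather than the JVM
    // default cacerts.
    SSLContext sslContext =
        SSLContexts.custom()
            .setProtocol("TLS")
            .loadKeyMaterial(keystore, keystorePassword, keyPassword)
            .loadTrustMaterial(truststore, truststorePassword)
            .build();

    // Protocol and cipher-suite restriction is applied here, per connection
    // factory, instead of through global jdk.tls.* system properties.
    // Hostname verification stays at the HttpClient default, which checks the
    // server certificate's SAN entries against the requested host.
    return new DefaultClientTlsStrategy(
        sslContext,
        PROTOCOLS,
        CIPHER_SUITES,
        SSLBufferMode.STATIC,
        HttpsSupport.getDefaultHostnameVerifier());
  }
}
```

Keep the hostname verifier at the default unless there is a concrete reason to replace it; a custom verifier that returns true unconditionally turns mutual TLS into a client-authenticated connection to anyone holding a certificate the truststore accepts. If the catalog-property follow-up mentioned above lands, the keystore and truststore arguments here are the values it would most naturally carry.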