[NET] Refactor TLS configuration.

Use a TLSOptions configuration object which is created via static
functions.

- "TLSOptions.client": uses the standard CA and common name verification.
- "TLSOptions.client_unsafe": uses optional CA verification (i.e. if specified)
- "TLSOptions.server": is the standard server configuration (chain + key)

This will allow us to expand the TLS configuration options to include
e.g. mutual authentication without bloating the classes that uses
StreamPeerTLS and PacketPeerDTLS as underlying peers.

doc/classes/HTTPClient.xml

@@ -30,13 +30,10 @@
 			<return type="int" enum="Error" />
 			<param index="0" name="host" type="String" />
 			<param index="1" name="port" type="int" default="-1" />
-			<param index="2" name="use_tls" type="bool" default="false" />
-			<param index="3" name="verify_host" type="bool" default="true" />
+			<param index="2" name="tls_options" type="TLSOptions" default="null" />
 			<description>
 				Connects to a host. This needs to be done before any requests are sent.
-				The host should not have http:// prepended but will strip the protocol identifier if provided.
-				If no [param port] is specified (or [code]-1[/code] is used), it is automatically set to 80 for HTTP and 443 for HTTPS (if [param use_tls] is enabled).
-				[param verify_host] will check the TLS identity of the host if set to [code]true[/code].
+				If no [param port] is specified (or [code]-1[/code] is used), it is automatically set to 80 for HTTP and 443 for HTTPS. You can pass the optional [param tls_options] parameter to customize the trusted certification authorities, or the common name verification when using HTTPS. See [method TLSOptions.client] and [method TLSOptions.client_unsafe].
 			</description>
 		</method>
 		<method name="get_response_body_length" qualifiers="const">