Add insecure_skip_verify option for HTTPS client in security.toml (#8781)

* Add -insecureSkipVerify flag and config option for filer.sync HTTPS connections

When using filer.sync between clusters with different CAs (e.g., separate
OpenShift clusters), TLS certificate verification fails with "x509:
certificate signed by unknown authority". This adds two ways to skip TLS
certificate verification:

1. CLI flag: `weed filer.sync -insecureSkipVerify ...`
2. Config option: `insecure_skip_verify = true` under [https.client] in
   security.toml

Closes #8778

* Add insecure_skip_verify option for HTTPS client in security.toml

When using filer.sync between clusters with different CAs (e.g., separate
OpenShift clusters), TLS certificate verification fails. Adding
insecure_skip_verify = true under [https.client] in security.toml allows
skipping TLS certificate verification.

The option is read during global HTTP client initialization so it applies
to all HTTPS connections including filer.sync proxy reads and writes.

Closes #8778

---------

Co-authored-by: Copilot <copilot@github.com>
Chris Lu
2026-03-26 11:42:47 -07:00
committed by GitHub
parent aa12b51cbf
commit 92c2fc0d52
2 changed files with 8 additions and 0 deletions


@@ -135,6 +135,7 @@ enabled = false # Set to true to enable HTTPS for all outgoing HTTP client conn
cert = "" # Client certificate for mTLS (optional if server doesn't require client cert)
key = "" # Client key for mTLS (optional if server doesn't require client cert)
ca = "" # CA certificate to verify server certificates (required when enabled=true)
insecure_skip_verify = false # Skip TLS certificate verification (NOT recommended for production)
# Volume server HTTPS options (server-side)
# Enables HTTPS for incoming HTTP connections to volume server
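
Review bot: The comment on the new `insecure_skip_verify = false` line understates its scope and does not say how it interacts with the `ca` key directly above it. Per the commit message the value is read during global HTTP client initialization, so setting it to true disables server certificate verification for every outgoing HTTPS connection, not only filer.sync, and the `ca` setting ("required when enabled=true") then no longer authenticates the peer. Please spell that out in the comment, and point readers at the safer fix for the cross-CA case in #8778: put the remote cluster's CA certificate in the file referenced by `ca` so verification stays on. Something like `# Disables server certificate verification for ALL outgoing HTTPS connections; ca is then not enforced. Prefer adding the remote CA to ca.` would make the trade-off visible to whoever edits this file.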