Status: closed (closed by hessjcg 2 months ago)
Java has this requirement covered without needing additional code:
I believe we want to update the PSC check now that dnsName can be for CAS-based instances as well as PSC just like Go did: https://github.com/GoogleCloudPlatform/cloud-sql-go-connector/pull/850/files#diff-5097a430f11cfd2c79c874367e2f96cf048d9e47112b01f7650d961d8a677ff8R104
The Java connector calls SSLSocket.connect() at Connector.java:118 with either the instance IP or the PSC domain name. When the instance is a CAS instance, the TLS context will be configured to use the built-in logic to check certificate trust. When SSLSocket.connect() is called with the PSC domain name, the built-in TLS logic will check the certificate's SAN records as expected.
For Cloud SQL instances with CAS enabled, the connector will use the certificate chain of trust reported by the SQL Admin API to validate the instance connection.
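As an added illustration (not code from this issue or from the Java connector itself), the following standalone Java client does what the two comments above describe: it builds a trust store from a CA chain (assumed here to be the PEM chain reported by the SQL Admin API, read from a file given on the command line) and then opens a TLS connection by the PSC DNS name with endpoint identification enabled, so JSSE's built-in logic rejects any server certificate whose SAN entries do not match that name. The class name, the argument layout and the default port are assumptions; the connector's own `Connector.java` wiring is not reproduced.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.util.Collection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical example class; not part of the cloud-sql-jdbc-socket-factory project.
public class PscSanCheckExample {

    // Build an SSLContext that trusts only the supplied PEM chain (one or more
    // CERTIFICATE blocks), mirroring the "chain of trust reported by the SQL Admin API".
    static SSLContext contextTrustingChain(String pemChain) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Collection<? extends Certificate> certs = cf.generateCertificates(
            new ByteArrayInputStream(pemChain.getBytes(StandardCharsets.UTF_8)));

        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null); // empty in-memory store, no file backing
        int i = 0;
        for (Certificate c : certs) {
            trustStore.setCertificateEntry("ca-" + (i++), c);
        }

        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    // Connect by DNS name and force JSSE to verify the peer certificate's SAN entries
    // against that name. Without setEndpointIdentificationAlgorithm, SSLSocket only
    // validates the chain and would accept a valid certificate issued for another host.
    static SSLSocket connectWithSanCheck(SSLContext ctx, String dnsName, int port)
            throws Exception {
        SSLSocketFactory factory = ctx.getSocketFactory();
        // createSocket(host, port) records the host name as the peer host, so it is used
        // both for SNI and for endpoint identification during the handshake.
        SSLSocket socket = (SSLSocket) factory.createSocket(dnsName, port);

        SSLParameters params = socket.getSSLParameters();
        // "HTTPS" selects RFC 6125-style host name matching against the certificate's
        // dNSName SAN entries; a mismatch fails the handshake with SSLHandshakeException.
        params.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(params);

        socket.startHandshake(); // runs chain validation and the SAN check now, not lazily
        return socket;
    }

    public static void main(String[] args) throws Exception {
        if (args.length < 2) {
            System.err.println("usage: PscSanCheckExample <psc-dns-name> <ca-chain.pem> [port]");
            System.exit(2);
        }
        String pscDnsName = args[0];                      // e.g. the instance's PSC dnsName
        String pemChain = Files.readString(Path.of(args[1]));
        int port = args.length > 2 ? Integer.parseInt(args[2]) : 3307; // assumed default

        SSLContext ctx = contextTrustingChain(pemChain);
        try (SSLSocket s = connectWithSanCheck(ctx, pscDnsName, port)) {
            System.out.println("Negotiated " + s.getSession().getProtocol()
                + "; peer certificate SAN matched " + pscDnsName);
        }
    }
}
```

Connecting by IP address instead of the DNS name goes through the same `setEndpointIdentificationAlgorithm("HTTPS")` path, but JSSE then expects an iPAddress SAN rather than a dNSName SAN; that is why the comment above distinguishes the IP case from the PSC domain-name case.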