docs(mesh): add --skip-verify to universal dp

[bartsmykla]

Description

Recent Kuma releases changed kuma-dp to verify the control plane certificate against the system trust store by default. Skipping verification is now opt-in via --skip-verify (KUMA_CONTROL_PLANE_TLS_SKIP_VERIFY); the production path is to pass the control plane CA with --ca-cert-file / KUMA_CONTROL_PLANE_CA_CERT_FILE.

The universal getting-started and data-plane-on-universal guides use a self-signed control plane, so kuma-dp run --cp-address=https://... now fails verification. This adds --skip-verify to those commands in app/mesh/data-plane-universal.md and the universal how-tos, with a warning pointing at --ca-cert-file for production.

Reviewers: --skip-verify is new, so you may want to version-gate these lines for older docs.

Preview Links

Checklist

• Tested how-to docs. If not, note why here. Documentation-only flag change mirroring upstream kuma-dp behavior; not run end to end.
• All pages contain metadata.
• Any new docs link to existing docs.
• All autogenerated instructions render correctly (API, decK, Konnect, Kong Manager).
• Style guide (capitalized gateway entities, placeholder URLs) implemented correctly.
• Every page has a description entry in frontmatter.
• Add new pages to the product documentation index (if applicable). No new pages.

[netlify]

✅ Deploy Preview for kongdeveloper ready!

Name	Link
🔨 Latest commit	92b4820
🔍 Latest deploy log	https://app.netlify.com/projects/kongdeveloper/deploys/6a1eb658275197000813e8b0
😎 Deploy Preview	https://deploy-preview-5432--kongdeveloper.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[Copilot]

Pull request overview

Updates Kong Mesh Universal-mode documentation to account for upstream kuma-dp behavior changes where TLS verification is now enforced by default when connecting to an HTTPS control plane, requiring explicit opt-out (--skip-verify) for self-signed dev/demo setups.

Changes:

• Added --skip-verify to kuma-dp run commands that connect to an HTTPS control plane with self-signed certs.
• Added warning admonitions explaining that --skip-verify is for dev/demo only and that production should use --ca-cert-file / KUMA_CONTROL_PLANE_CA_CERT_FILE.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 5 comments.

File	Description
app/mesh/data-plane-universal.md	Adds --skip-verify for local HTTPS control plane examples and documents security implications.
app/_how-tos/mesh/mesh-get-started-universal-3-kv.md	Keeps the Universal quickstart kv data-plane instructions working with newer kuma-dp TLS verification defaults.
app/_how-tos/mesh/mesh-get-started-universal-4-demo-app.md	Keeps the Universal quickstart demo-app data-plane instructions working with newer kuma-dp TLS verification defaults.
app/_how-tos/mesh/deploy-universal-self-managed.md	Updates self-managed Universal setup commands to explicitly skip verification for the guide’s self-signed control plane.