feat(go): implement TCP/TLS connection in Go SDK

[saie-ch]

Which issue does this PR close?

This unblocks issue #2807 so TCP/TLS integration tests and examples can now be written for the Go
SDK.

Rationale

The Go SDK had TLS configuration fields (tlsEnabled, tlsDomain, tlsCAFile, tlsValidateCertificate)
and TLS error types generated, but the handshake was stubbed out at line 329 with return
errors.New("TLS connection is not implemented yet"). This blocked writing integration tests and
examples for TCP/TLS connections.

What changed?

Before: Line 329 returned a stub error preventing any TLS connections.

After: Full TLS implementation with:

• Added 4 TLS configuration option functions: WithTLS(), ### WithTLSDomain(), WithTLSCAFile(),
  WithTLSValidateCertificate()
• Implemented createTLSConfig() helper method that:
  • Configures certificate validation (InsecureSkipVerify)
  • Extracts server name from address for SNI (if tlsDomain not provided)
  • Loads custom CA certificates from file
  • Returns appropriate TLS error types (ErrInvalidTlsDomain, ErrInvalidTlsCertificatePath,
    ErrInvalidTlsCertificate)
• Replaced stub with actual TLS handshake using crypto/tls (lines 360-373):
  • Creates TLS config
  • Wraps TCP connection with tls.Client()
  • Performs TLS handshake with proper error handling

Implementation follows the same patterns as Rust (tcp_tls_connection_stream.rs), Java
(InternalTcpClient.java), C# (TcpMessageStream.cs), and Node.js (client.connection.ts) SDKs.

AI Usage

Claude Sonnet 4.5

• Guided by existing Rust, Java, Node.js, and C# TLS implementations
• Followed Go SDK patterns and used existing error types
• All pre-merge checks passed locally