Add client certificate authentication (mTLS) to OpenSearch sink

[srikanthpadakanti]

Description

Add client certificate authentication (mTLS) support to the OpenSearch sink. The existing cert config only creates a TrustManager for server certificate verification but does not present a client certificate. This adds client_certificate and client_key fields under the authentication config block, enabling Data Prepper to authenticate to mTLS-secured OpenSearch clusters. Supports file paths and inline PEM content. Works alongside basic auth and CA cert trust. Both the RestHighLevelClient path and the SDK ApacheHttpClient path (SigV4) are updated.

sink:
   - opensearch:
       hosts: ["https://opensearch:9200"]
       cert: "/path/to/ca-cert.pem"
       authentication:
         client_certificate: "/path/to/client-cert.pem"
         client_key: "/path/to/client-key.pem"

Issues Resolved

Resolves #633
#633

Check List

• [ X ] New functionality includes testing.
• New functionality has a documentation issue. Please link to it in this PR.
  • [ X ] New functionality has javadoc added
• [ X ] Commits are signed with a real name per the DCO

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.