Add configurable transport security profiles and bind address

Adds Security section to appsettings.json with configurable OPC UA
transport profiles (None, Basic256Sha256-Sign, Basic256Sha256-SignAndEncrypt),
certificate policy settings, and a configurable BindAddress for the
OPC UA endpoint. Defaults preserve backward compatibility.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

tools/opcuacli-dotnet/Commands/ConnectCommand.cs

@@ -19,13 +19,16 @@ public class ConnectCommand : ICommand
     [CommandOption("password", 'P', Description = "Password for authentication")]
     public string? Password { get; init; }
 
+    [CommandOption("security", 'S', Description = "Transport security: none, sign, encrypt (default: none)")]
+    public string Security { get; init; } = "none";
+
     /// <summary>
     /// Connects to the OPC UA endpoint and prints the resolved server metadata.
     /// </summary>
     /// <param name="console">The console used to report connection results.</param>
     public async ValueTask ExecuteAsync(IConsole console)
     {
-        using var session = await OpcUaHelper.ConnectAsync(Url, Username, Password);
+        using var session = await OpcUaHelper.ConnectAsync(Url, Username, Password, Security);
         await console.Output.WriteLineAsync($"Connected to: {session.Endpoint.EndpointUrl}");
         await console.Output.WriteLineAsync($"Server: {session.Endpoint.Server!.ApplicationName}");
         await console.Output.WriteLineAsync($"Security Mode: {session.Endpoint.SecurityMode}");