feat(lmxproxy): phase 1 — v2 protocol types and domain model

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

lmxproxy/src-reference/ZB.MOM.WW.LmxProxy.Client/ClientTlsConfiguration.cs

@@ -0,0 +1,48 @@
+namespace ZB.MOM.WW.LmxProxy.Client;
+
+/// <summary>
+/// TLS configuration for LmxProxy client connections
+/// </summary>
+public class ClientTlsConfiguration
+{
+    /// <summary>
+    /// Gets or sets whether to use TLS for the connection
+    /// </summary>
+    public bool UseTls { get; set; } = false;
+
+    /// <summary>
+    /// Gets or sets the path to the client certificate file (optional for mutual TLS)
+    /// </summary>
+    public string? ClientCertificatePath { get; set; }
+
+    /// <summary>
+    /// Gets or sets the path to the client private key file (optional for mutual TLS)
+    /// </summary>
+    public string? ClientKeyPath { get; set; }
+
+    /// <summary>
+    /// Gets or sets the path to the CA certificate for server validation (optional)
+    /// </summary>
+    public string? ServerCaCertificatePath { get; set; }
+
+    /// <summary>
+    /// Gets or sets the server name override for certificate validation (optional)
+    /// </summary>
+    public string? ServerNameOverride { get; set; }
+
+    /// <summary>
+    /// Gets or sets whether to validate the server certificate
+    /// </summary>
+    public bool ValidateServerCertificate { get; set; } = true;
+
+    /// <summary>
+    /// Gets or sets whether to allow self-signed certificates (for testing only)
+    /// </summary>
+    public bool AllowSelfSignedCertificates { get; set; } = false;
+
+    /// <summary>
+    /// Gets or sets whether to ignore all certificate errors (DANGEROUS - for testing only)
+    /// WARNING: This completely disables certificate validation and should never be used in production
+    /// </summary>
+    public bool IgnoreAllCertificateErrors { get; set; } = false;
+}