TLS configuration lacks proper certificate verification controls

**Description:**
TLS setup uses empty `.ca`, `.cert`, `.key`, relying on defaults. This may lead to insecure setups or undefined behavior across environments. Explicit TLS verification options should be configurable.