Enable TLS enpoint authentication with certificates

[rpcme]

In Section 3.3.1, it is defined that TLS server authentication by
certificate is required to meet compliance. This would assume that the
IoT device has some kind of provisioning certificate available.

[rpcme]

https://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started-client-side-ssl-authentication.html

But there is no mention on whether or not this meets RFC5280 conformance.