154cdbd861
Change the 'forward' system test to enable DoT on ns2 server, and test that forwarding from ns4 to the DoT-enabled ns2 works. In order to test different scenarios, create a test CA (based on similar CAs for 'doth' and 'nsupdate' system tests), and test both insecure (no certificate validation) and secure (also with mutual TLS) TLS configurations, as well as a configuration with an expired certificate.