feat(tls): load full certificate chain for server acceptor

[SAY-5]

Fixes #834. build_acceptor read only the first certificate from tls_certificate, so server certs not signed directly by a root CA failed validation. Per the maintainer's note that build_acceptor "could probably be adapted with no additional changes to make TLS work correctly", this reads the whole PEM file with pem_file_iter (mirroring build_client_cert_verifier) and passes the full chain to with_single_cert. Adds a regression test with a two-cert chain fixture.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[codecov]

Codecov Report

❌ Patch coverage is 61.11111% with 14 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
pgdog/src/net/tls.rs	61.11%	14 Missing ⚠️

📢 Thoughts on this report? Let us know!

[levkk]

Awesome! Would be happy to merge this if you can sign the CLA.