Allow to configure client TLS settings for proxy mode

[jsoriano]

Allow to configure CA and insecure mode in the TLS settings for the client used in proxy mode. The target registry may be using a custom CA, and the client registry using proxy mode should be able to configure it.

Originally requested in #979 (comment).

[Alphayeeeet]

After some trial and error, we found a valid workaround by setting the SSL_CERT_FILE environment variable to a CA trust bundle. However an additional issue is, that the proxy to URL does not respect context routes like host:port/context-route/. It expects the target registry directly under the root /, which is currently working for us but not optimal (we use an internal reverse proxy to allow access to epr.elastic.co and the internal registry should use the reverse proxy under specific context route).