feat: modify TLS config to allow initial node join without client certificate

cmd/kat-agent/main.go

@@ -251,6 +251,13 @@ func runInit(cmd *cobra.Command, args []string) {
 				apiServer.RegisterJoinHandler(func(w http.ResponseWriter, r *http.Request) {
 					log.Printf("Received join request from %s", r.RemoteAddr)
 					
+					// Check if this is a secure connection with client cert
+					if r.TLS != nil && len(r.TLS.PeerCertificates) > 0 {
+						log.Printf("Client provided certificate with CN: %s", r.TLS.PeerCertificates[0].Subject.CommonName)
+					} else {
+						log.Printf("Client did not provide a certificate - this is expected for initial join")
+					}
+					
 					// Read request body
 					var joinReq cli.JoinRequest
 					if err := json.NewDecoder(r.Body).Decode(&joinReq); err != nil {