Parallell ssl cert load

[ezelkow1]

Adds a new config proxy.config.ssl.server.multicert.concurrency

Defaults to 1 for single core usage, however even with that on first load it will use all cores for cert loading. After that it will use the specified value 0(auto)/1(default)/N(number of threads) when doing reloads of certs

[Copilot]

Pull request overview

Adds support for parallel loading of ssl_multicert.yaml certificates, controlled by a new records.config setting, to speed up certificate (re)configuration in ATS’s TLS / QUIC certificate loaders.

Changes:

• Introduces proxy.config.ssl.server.multicert.concurrency (records + docs) and threads the value through SSLConfigParams.
• Updates SSLMultiCertConfigLoader to optionally load multicert items in parallel using std::thread, with locking for shared SSLCertLookup mutations.
• Extends the gold test to cover the new parallel-loading behavior.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
tests/gold_tests/tls/ssl_multicert_loader.test.py	Adds a new gold test section intended to validate parallel loading behavior.
src/records/RecordsConfig.cc	Registers the new proxy.config.ssl.server.multicert.concurrency record.
src/iocore/net/SSLUtils.cc	Implements the parallel multicert loading logic and adds locking around shared lookup mutation.
src/iocore/net/SSLConfig.cc	Reads the new concurrency record into SSLConfigParams and passes “first load” state into the loader.
src/iocore/net/QUICMultiCertConfigLoader.cc	Updates QUIC cert reload path to pass “first load” state into the loader.
src/iocore/net/P_SSLConfig.h	Adds configLoadConcurrency to SSLConfigParams.
include/iocore/net/SSLMultiCertConfigLoader.h	Updates loader API to accept firstLoad and adds _load_items() + mutex.
doc/admin-guide/files/records.yaml.en.rst	Documents the new configuration record and its behavior.

[zwoop]

This generally looks good now, couple of nitpicks, at your discretion to address or not.