docs: add MySQL backend TLS configuration doc (#2124)

Author: WenyXu

docs/user-guide/deployments-administration/manage-metadata/configuration.md

@@ -83,7 +83,27 @@ store_addrs = ["mysql://user:password@ip:port/dbname"]
 # Default: greptime_metakv
 meta_table_name = "greptime_metakv"
 
-# TLS is not supported for MySQL currently.
+[backend_tls]
+# - "disable" - No TLS
+# - "prefer" (default) - Try TLS, fallback to plain
+# - "require" - Require TLS
+# - "verify_ca" - Require TLS and verify CA
+# - "verify_full" - Require TLS and verify hostname
+mode = "prefer"
+
+# Path to client certificate file (for client authentication)
+# Like "/path/to/client.crt"
+cert_path = ""
+
+# Path to client private key file (for client authentication)
+# Like "/path/to/client.key"
+key_path = ""
+
+# Path to CA certificate file (for server certificate verification)
+# Required when using custom CAs or self-signed certificates
+# Leave empty to use system root certificates only
+# Like "/path/to/ca.crt"
+ca_cert_path = ""
 ```
 
 When sharing a MySQL instance between multiple GreptimeDB clusters, you must set a unique `meta_table_name` for each GreptimeDB cluster to avoid metadata conflicts.

i18n/zh/docusaurus-plugin-content-docs/current/user-guide/deployments-administration/manage-metadata/configuration.md

@@ -83,7 +83,27 @@ store_addrs = ["mysql://user:password@ip:port/dbname"]
 # 默认值: greptime_metakv
 meta_table_name = "greptime_metakv"
 
-# MySQL 暂不支持 TLS。
+[backend_tls]
+# - "disable" - 不使用 TLS
+# - "prefer" (默认) - 尝试 TLS，失败时回退到明文连接
+# - "require" - 要求 TLS
+# - "verify_ca" - 要求 TLS 并验证 CA
+# - "verify_full" - 要求 TLS 并验证主机名
+mode = "prefer"
+
+# 客户端证书文件路径（用于客户端身份验证）
+# 例如 "/path/to/client.crt"
+cert_path = ""
+
+# 客户端私钥文件路径（用于客户端身份验证）
+# 例如 "/path/to/client.key"
+key_path = ""
+
+# CA 证书文件路径（用于服务器证书验证）
+# 使用自定义 CA 或自签名证书时必需
+# 留空则仅使用系统根证书
+# 例如 "/path/to/ca.crt"
+ca_cert_path = ""
 ```
 
 当多个 GreptimeDB 集群共享同一个 MySQL 实例时，必须为每个 GreptimeDB 集群设置一个唯一的 `meta_table_name` 以避免元数据冲突。