Federation breaks on next generation letsencrypt certifiates

[Menelmacar]

Hi, When generating a letsencrypt certificate with the tlsserver ACME profile to mimic the future of letsencrypt
(see https://letsencrypt.org/2025/05/14/ending-tls-client-authentication/ )
then my prosody server can't to any s2s with metronome anymore,
It tells me Could not authenticate to remote server
Tested with lightwitch.org
I can connect fine with a normal cert.
See same issue on ejabberd processone/ejabberd#4392 for more context

[Neustradamus]

@Menelmacar: Thanks for your ticket!