Improve fetch TLS certificate error messages

[Will-thom]

Fixes #2199.

This keeps the fetch TypeError shape and cause intact while surfacing TLS certificate verification details in the top-level error message for known certificate-related failures.

Tests:

• node --test test\fetch\tls-certificate-error.js
• node --test test\fetch\client-error-stack-trace.js
• borp focused test/fetch/tls-certificate-error.js
• borp focused test/fetch/client-error-stack-trace.js
• eslint lib/web/fetch/index.js test/fetch/tls-certificate-error.js

Note: npm run build:node could not be executed in this Windows sandbox because npm/esbuild attempted to access a denied path outside the workspace before compiling.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.22%. Comparing base (f049730) to head (c927df4).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5326      +/-   ##
==========================================
+ Coverage   93.21%   93.22%   +0.01%     
==========================================
  Files         110      110              
  Lines       36598    36615      +17     
==========================================
+ Hits        34115    34136      +21     
+ Misses       2483     2479       -4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[mcollina]

I think this is spec mandated. @KhafraDev

[KhafraDev]

It's not spec mandated (other than having to throw a TypeError), but there are a number of libraries that check for the error message 'fetch failed', which this change would break. is-network-error is one of the largest ones.