Tap server only accepts TLS connections #3157
Description
The proxy's tap server will attempt to accept TLS connections, but will fallback to accepting plaintext connections in certain situations.
Once the required changes are in place in the proxy's tap server and the tap controller is opening TLS connections, the tap server should no longer accept plaintext connections.
This will also couple identity to the tap server, as it would no longer be able to accept connections if identity was disabled on inject. Add a similar check if identity is disabled when spawning the tap server at startup.
Depends on linkerd/linkerd2-proxy#290, #3154, #3155