Update docs on new AKS certificate changes and relative agent configuration changes that are necessary

[mrdoggopat]

AKS may have changed how they structure their certificates again. Relative to the June 17th release: https://github.com/Azure/AKS/releases/tag/2025-06-17

• Kubelet Service Certificate Rotation has now been rolled out to East US and UK South. Existing node pools will have kubelet serving certificate rotation enabled by default when they perform their first upgrade to any kubernetes version 1.27 or greater. New node pools on kubernetes version 1.27 or greater will have kubelet serving certificate rotation enabled by default. For more information on kubelet serving certificate rotation and disablement, see certificate rotation in Azure Kubernetes Service.
• The cert path will be switched from /etc/kubernetes/certs/kubeletserver.crt to /var/lib/kubelet/pki/kubelet-server-current.pem once they upgrade their 1.27+ nodes to a higher version

This may impact customers that don't use tlsVerify set to false but opt to give the agent the SSL cert following the docs: https://docs.datadoghq.com/containers/kubernetes/distributions/?tab=helm#AKS

This documentation update is to cover this in the event the customers run into issues with the agent when they upgrade their AKS nodes.

[github-actions]

📝 Documentation Team Review Required

This pull request requires approval from the @DataDog/documentation team before it can be merged.

Please ensure your changes follow our documentation guidelines and wait for a team member to review and approve your changes.

[github-actions]

Preview links (active after the build_preview check completes)

Modified Files

• https://docs-staging.datadoghq.com/patrickliang/config-check-for-aks-kubelet-cert/containers/kubernetes/distributions