Lightning network connections do not use TLS or certificates at all, as far as I know (note that this may be different for other types of connections, like RPC).
To explain why, let us look at how they are used in the HTTPS setting. There, a browser makes a connection to a website server. To encrypt the connection, the server hands the browser its public key. To convince the browser that this public key is indeed the one belonging to the hostname it tries to connect to, it also hands a certificate that was created by an authority the browser trusts, which says “public key X is owned by site Y. Signed, Z”.
Back to Lightning. When you create a connection between your node and another, you specify the peer public key directly (PUBKEY@HOSTNAME syntax). There is no need for a trusted third party to attest to the correctness of that public key, because it is the user’s responsibility to configure the public key correctly.
