Only one type of TLS key is supported per X509 client certificate

[TinCanTech]

Each X509 client certificate can only use (have an inline for for) one of the following keys:

• One inline-file per X509 client certificate - to - One TLS-Auth-key.
• One inline-file per X509 client certificate - to - One TLS-Crypt-key. These two type of inline file are mutually exclusive.

With TLS-Crypt-V2 keys:

• One inline-file per TLS-Crypt-V2 key - to - One X509 client certificate. The X509 client certificate for unique TLS-Crypt-V2 keys can be used an unlimited number of times.

No X509 client certificate can have inline-files for TLS-Crypt-V2 and any other TLS key at the same time.

[TinCanTech]

It may be possible to over-ride current behaviour, to allow multiple type of TLS key per X509 client certificate with a switch for easytls-verify.sh. The switch would still detect clients which should be using TLS-Cryp-V2 keys but allow them to connect anyway.

This is a bad idea -- Inline files without a subkey-name are always mutually exclusive.

[TinCanTech]

191