Implementing mTLS would be great. This is one of those features that's not very complicated (rather simple, I think) but gives so much that it would improve overall security drastically...
Your use case
What would you like to do?
Implement mTLS for Element X by allowing users to select which client certificate to use on the account provider selection screen.
Why would you like to do it?
Hosting a Matrix server so that only people with client certificates are allowed to connect.
How would you like to achieve it?
The HTTP-Shortcuts app has similar functionality, which could be used as a starting point for an initial implementation: https://github.com/search?q=repo%3AWaboodoo%2FHTTP-Shortcuts%20client%20certificate%20authentication&type=code. It lets users select which client certificate to use for HTTP requests, which enables mTLS where your server is enforcing client certs.
What is the current behaviour?
Enforcing client certs on a server hosting a Matrix instance results in the typical 'We couldn't reach this homeserver' error message. This happens even though client certs are installed on the Android device; they are just not being picked up / used by Element X Android.
Have you considered any alternatives?
No response
Additional context
All that's required is for Element X to use self-signed client certs. The enforcing can happen through a reverse proxy.
Are you willing to provide a PR?
Yes
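For reference, the Android side of the flow the issue asks for (system certificate chooser, then a TLS client that presents the chosen identity), as an added example that is not Element X code and not taken from HTTP-Shortcuts. It assumes OkHttp as the HTTP stack purely as a stand-in: Element X Android sends its Matrix traffic through matrix-rust-sdk, so a real implementation would have to hand the selected key and chain to the SDK's HTTP client instead. The probe targets the standard `/_matrix/client/versions` endpoint, which is the kind of request that fails behind a proxy configured to require client certificates (for nginx, `ssl_verify_client on`); `chooseClientCertAlias`, `KeyChainKeyManager`, `buildMtlsClient` and `probeHomeserver` are names invented for this example.

```kotlin
// Added example (not Element X code): pick a client certificate from the
// Android KeyChain and present it for mTLS when probing a homeserver.
import android.app.Activity
import android.content.Context
import android.security.KeyChain
import android.security.KeyChainAliasCallback
import java.net.Socket
import java.security.KeyStore
import java.security.Principal
import java.security.PrivateKey
import java.security.cert.X509Certificate
import javax.net.ssl.SSLContext
import javax.net.ssl.TrustManagerFactory
import javax.net.ssl.X509KeyManager
import javax.net.ssl.X509TrustManager
import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.withContext
import okhttp3.OkHttpClient
import okhttp3.Request

// Shows the system certificate chooser. KeyChain only hands back an alias;
// the private key itself stays inside the KeyChain / hardware-backed keystore.
// Hypothetical helper name; the KeyChain API call is the real Android one.
fun chooseClientCertAlias(activity: Activity, host: String, onChosen: (String?) -> Unit) {
    KeyChain.choosePrivateKeyAlias(
        activity,
        KeyChainAliasCallback { alias -> onChosen(alias) },
        arrayOf("RSA", "EC"), // acceptable key types
        null,                 // any issuer: with self-signed client certs there is no CA to filter on
        host,                 // displayed in the chooser dialog
        443,
        null,                 // no pre-selected alias
    )
}

// X509KeyManager that always offers the chosen KeyChain identity for client auth.
class KeyChainKeyManager(
    private val alias: String,
    private val privateKey: PrivateKey,
    private val chain: Array<X509Certificate>,
) : X509KeyManager {
    override fun chooseClientAlias(keyType: Array<String>?, issuers: Array<Principal>?, socket: Socket?): String = alias
    override fun getCertificateChain(alias: String?): Array<X509Certificate>? =
        if (alias == this.alias) chain else null
    override fun getPrivateKey(alias: String?): PrivateKey? =
        if (alias == this.alias) privateKey else null
    override fun getClientAliases(keyType: String?, issuers: Array<Principal>?): Array<String> = arrayOf(alias)
    // Client side only; never act as a TLS server.
    override fun chooseServerAlias(keyType: String?, issuers: Array<Principal>?, socket: Socket?): String? = null
    override fun getServerAliases(keyType: String?, issuers: Array<Principal>?): Array<String>? = null
}

// Builds an OkHttp client that presents the KeyChain identity. Runs on the IO
// dispatcher because KeyChain.getPrivateKey/getCertificateChain block and throw
// if called on the main thread.
suspend fun buildMtlsClient(context: Context, alias: String): OkHttpClient = withContext(Dispatchers.IO) {
    val key = KeyChain.getPrivateKey(context, alias)
        ?: error("no private key for alias $alias")
    val chain = KeyChain.getCertificateChain(context, alias)
        ?: error("no certificate chain for alias $alias")

    // Keep the platform's default trust store for verifying the server;
    // only the client-authentication side is customised.
    val tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm())
    tmf.init(null as KeyStore?)
    val trustManager = tmf.trustManagers.filterIsInstance<X509TrustManager>().first()

    val sslContext = SSLContext.getInstance("TLS")
    sslContext.init(arrayOf(KeyChainKeyManager(alias, key, chain)), arrayOf(trustManager), null)

    OkHttpClient.Builder()
        .sslSocketFactory(sslContext.socketFactory, trustManager)
        .build()
}

// The kind of request that precedes "We couldn't reach this homeserver":
// GET /_matrix/client/versions. With the client cert the handshake completes;
// without it a proxy that requires client certs rejects the connection.
suspend fun probeHomeserver(client: OkHttpClient, host: String): Boolean = withContext(Dispatchers.IO) {
    val request = Request.Builder().url("https://$host/_matrix/client/versions").build()
    client.newCall(request).execute().use { it.isSuccessful }
}
```

Two practical points for anyone wiring this up. The proxy must be given the client certificate (or the CA that issued it) to verify against, and if it enforces client certificates on every path, server-to-server federation and other homeservers' `.well-known` lookups will fail too, since remote homeservers present no client certificate; enforcement is normally scoped to the client API paths or a separate listener. On the app side, the alias returned by the chooser is what should be persisted per account provider; the key material never leaves the KeyChain.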