This PR adds a FFI interface that allows users to configure SSL client certificate verification dynamically. For example, Nginx can now read SNI first and then determine whether to request a client certificate during handshake. Optionally, caller can pass in a CA list used for verification.
I hereby granted the copyright of the changes in this pull request
to the authors of this lua-nginx-module project.
This PR adds a FFI interface that allows users to configure SSL client certificate verification dynamically. For example, Nginx can now read SNI first and then determine whether to request a client certificate during handshake. Optionally, caller can pass in a CA list used for verification.
I hereby granted the copyright of the changes in this pull request to the authors of this lua-nginx-module project.