Support for client TLS certificate in tcpsock:sslhandshake

[smira]

There's already an option to validate server TLS certificate using lua_ssl_trusted_certificate.

It would be nice if we could provide client TLS certificate, in the same way as ngx_http_proxy module is doing: http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_ssl_certificate, so that there would be two new options:

• lua_ssl_certificate
• lua_ssl_certificate_key

These options would initialise nginx ssl context with client certificates, which would be used during ssl handshake.

[agentzh]

@smira Yes, this has been on my TODO list. But would you mind contributing a patch for it? ;)

Thanks!

[rohitjoshi]

Any patch available?

[Lekensteyn]

This appears to be fixed since March 2022 via commit 2b90265 (PR #1602). There is a new tcpsock:setclientcert API.

[Bec-k]

I don't see and can't find setclientcert anywhere...

[Bec-k]

It was not merged...

[zhuizhuhaomeng]

https://github.com/openresty/lua-nginx-module#tcpsocksetclientcert
It has been merged. But do not contain in the openresty-1.21.4 Release