left over to check.
The new TLS_OPTS type macro doesn't include the supported certkeyasn1 option (used for PKCS12 in-memory cert+key; see listener tests and C parsing), so type checkers will still reject valid configurations. Also, cert/key are listed in TLS_OPTS but the credential parsing code appears to only consume certfile/keyfile or certkeyasn1; if cert/key aren’t actually supported, the type spec is misleading. Consider adding certkeyasn1 with the correct value type and aligning/removing cert/key to match what the NIF parses.
Originally posted by @Copilot in #403 (comment)
left over to check.
The new
TLS_OPTStype macro doesn't include the supportedcertkeyasn1option (used for PKCS12 in-memory cert+key; see listener tests and C parsing), so type checkers will still reject valid configurations. Also,cert/keyare listed inTLS_OPTSbut the credential parsing code appears to only consumecertfile/keyfileorcertkeyasn1; ifcert/keyaren’t actually supported, the type spec is misleading. Consider addingcertkeyasn1with the correct value type and aligning/removingcert/keyto match what the NIF parses.Originally posted by @Copilot in #403 (comment)