I'm looking into adding ACME ALPN challenge support to an application
that uses the SSL module and I think it's possible to do that by using a
custom SSL Context object; however it seems that I'd need access to the
SSL Session from find_cert_domain in order to determine if the
connection was requesting challenge authentication. I'm also assuming
that the module doesn't otherwise cache the certificates returned from
this call.
Would it be unreasonable to either change the signature of
find_cert_domain() to include this, or possibly add an optional method
to that would get used if present (for backward compatibility reasons)?
Of course, if I get it working in a reasonable fashion, I'd be happy to
contribute this hypothetical ACME Context.
Any thoughts?
Bill