
Make it possible to choose certificate alias for ssl connections

Open AxelHeathnet opened this issue 4 years ago • 1 comments

Feature Request

Certificate choice on ssl connections

Problem

In my application I store certificates in a common keystore. When establishing an ssl connection it appears that lettuce will take the first certificate it finds in the keystore to crypt the conversation, leading to a server side error if the client certificate does not match.

In other words at the moment you need to dedicate one keystore only for lettuce to use.

Proposed solution

Add a "keystoreAlias" parameter in ssl option's builder.

SslOptions sslOptions = SslOptions.builder().jdkSslProvider()
        .keystore(keystoreFile, keystorePassword.toCharArray())
        .keystoreAlias(keystoreAlias)
        .build();
client.setOptions(ClientOptions.builder().sslOptions(sslOptions).build());
client.connect();

AxelHeathnet, May 08 '20 06:05

That is the default Java behavior to pick the first key. Key selection requires an X509ExtendedKeyManager to do so. Given the configuration and behavior possibilities of SSL/TLS APIs, I suggest introducing a customized function for the SSLContextBuilder.

mp911de, May 08 '20 06:05
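The key selection the reply refers to, sketched as an added example that is not part of the thread or of Lettuce's code: an `X509ExtendedKeyManager` that wraps the JDK default and only ever offers the key stored under one alias of a shared keystore. The class name `AliasPinnedKeyManager` and the method `forAlias` are hypothetical.

```java
import javax.net.ssl.*;
import java.net.Socket;
import java.security.*;
import java.security.cert.X509Certificate;
import java.util.Arrays;

/** Hypothetical wrapper: presents only the key stored under one alias of a shared keystore. */
public final class AliasPinnedKeyManager extends X509ExtendedKeyManager {
    private final X509ExtendedKeyManager delegate;
    private final String alias;

    private AliasPinnedKeyManager(X509ExtendedKeyManager delegate, String alias) {
        this.delegate = delegate;
        this.alias = alias;
    }

    /** Builds key managers from the keystore, pinned to the given alias. */
    public static KeyManager[] forAlias(KeyStore ks, char[] password, String alias)
            throws GeneralSecurityException {
        // Fail at start-up rather than silently falling back to another entry.
        if (!ks.isKeyEntry(alias)) {
            throw new KeyStoreException("No private key entry for alias: " + alias);
        }
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        for (KeyManager km : kmf.getKeyManagers()) {
            if (km instanceof X509ExtendedKeyManager) {
                return new KeyManager[] { new AliasPinnedKeyManager((X509ExtendedKeyManager) km, alias) };
            }
        }
        throw new NoSuchAlgorithmException("No X509ExtendedKeyManager available");
    }

    // Offer the pinned alias only if its key type is one the peer asked for;
    // otherwise offer nothing instead of a different certificate.
    private String pick(String[] keyTypes) {
        String algorithm = delegate.getPrivateKey(alias).getAlgorithm();
        return Arrays.asList(keyTypes).contains(algorithm) ? alias : null;
    }

    // Client-side selection replaces the default "first matching key" behavior.
    @Override public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s) { return pick(keyTypes); }
    @Override public String chooseEngineClientAlias(String[] keyTypes, Principal[] issuers, SSLEngine e) { return pick(keyTypes); }

    // Everything else is delegated unchanged.
    @Override public String[] getClientAliases(String keyType, Principal[] issuers) { return delegate.getClientAliases(keyType, issuers); }
    @Override public String[] getServerAliases(String keyType, Principal[] issuers) { return delegate.getServerAliases(keyType, issuers); }
    @Override public String chooseServerAlias(String keyType, Principal[] issuers, Socket s) { return delegate.chooseServerAlias(keyType, issuers, s); }
    @Override public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine e) { return delegate.chooseEngineServerAlias(keyType, issuers, e); }
    @Override public X509Certificate[] getCertificateChain(String a) { return delegate.getCertificateChain(a); }
    @Override public PrivateKey getPrivateKey(String a) { return delegate.getPrivateKey(a); }
}
```

The array returned by `forAlias` can be passed as the first argument of `SSLContext.init`; how it would be handed to Lettuce depends on the customization hook, which the thread leaves open.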