Usage of "resty.http" ssl_handshake

I am trying to do a upstream ssl_handshake using “resty.http” module from inside my plugin.

Using code example from other plugins (http_log):

if parsed_url.scheme == “https” then
local _, err = httpc:ssl_handshake(true, host, false)
if err then
return nil, "failed to do SSL handshake with " …
host … “:” … tostring(port) … ": " … err

I see handshake initiated with upstream service (in this case tomcat) but it fails because kong does not send it’s certificate chain. I was expecting the ‘client_ssl_cert’ setting to serve as the path to the cert file to send.

This requires the “client certificate” support of the OpenResty cosocket subsystem which does not exist yet. The Nginx directive does not control this process.