
Allow new ssl option certs_keys in ranch_ssl

Maria Scott 2 лет назад
Родитель
Сommit
61cff065a6
2 измененных файлов с 18 добавлено и 1 удалено
  1. 11 0
      doc/src/manual/ranch_ssl.asciidoc
  2. 7 1
      src/ranch_ssl.erl

+ 11 - 0
doc/src/manual/ranch_ssl.asciidoc

@@ -45,6 +45,11 @@ ssl_opt() = {alpn_preferred_protocols, [binary()]}
           | {cacertfile, file:filename()}
           | {cacerts, [public_key:der_encoded()]}
           | {cert, public_key:der_encoded()}
+          | {certs_keys, [#{cert => public_key:der_encoded(),
+                            key => ssl:key(),
+                            certfile => file:filename(),
+                            keyfile => file:filename(),
+                            key_pem_password => iodata() | fun(() -> iodata())}]}
           | {certfile, file:filename()}
           | {ciphers, ssl:ciphers()}
           | {client_renegotiation, boolean()}
@@ -123,6 +128,12 @@ cert::
 
 DER encoded user certificate.
 
+certs_keys::
+
+A list of a certificate (or possible a certificate and its chain)
+and the associated key of the certificate, that may be used to
+authenticate the client or the server.
+
 certfile::
 
 Path to the PEM encoded user certificate file. May also

+ 7 - 1
src/ranch_ssl.erl

@@ -53,6 +53,11 @@
 	| {cacertfile, file:filename()}
 	| {cacerts, [public_key:der_encoded()]}
 	| {cert, public_key:der_encoded()}
+	| {certs_keys, [#{cert => public_key:der_encoded(),
+			  key => ssl:key(),
+			  certfile => file:filename(),
+			  keyfile => file:filename(),
+			  key_pem_password => iodata() | fun(() -> iodata())}]}
 	| {certfile, file:filename()}
 	| {ciphers, ssl:ciphers()}
 	| {client_renegotiation, boolean()}
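Review bot: The password entry in the new `certs_keys` map type is keyed `key_pem_password`, which looks inconsistent with OTP's `ssl:cert_key_conf()`. As far as I recall, that type keys the entry `password` and `key_pem_password()` is only the name of the value type, so this should be confirmed against the OTP release being targeted. If that is right, the line should read `password => iodata() | fun(() -> iodata())}]}`; otherwise callers who follow this type may pass a key that ssl does not recognise, and an encrypted key file would then not be usable. The same map is repeated in the ssl_opt() listing in doc/src/manual/ranch_ssl.asciidoc and would need the same correction. The enclosing type definition starts and ends outside the hunk.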
@@ -119,7 +124,8 @@ listen(TransOpts) ->
 			orelse lists:keymember(certfile, 1, SocketOpts)
 			orelse lists:keymember(sni_fun, 1, SocketOpts)
 			orelse lists:keymember(sni_hosts, 1, SocketOpts)
-			orelse lists:keymember(user_lookup_fun, 1, SocketOpts) of
+			orelse lists:keymember(user_lookup_fun, 1, SocketOpts)
+			orelse lists:keymember(certs_keys, 1, SocketOpts) of
 		true ->
 			Logger = maps:get(logger, TransOpts, logger),
 			do_listen(SocketOpts, Logger);
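Review bot: The added `lists:keymember(certs_keys, 1, SocketOpts)` operand only tests that the option is present, so `{certs_keys, []}` satisfies the guard even though it supplies no certificate. The `false` branch is outside the hunk, but the chain reads as a "some certificate source was configured" check, so an empty list would presumably defeat it and the listener would start with nothing to present. Requiring a non-empty list keeps the early failure, for example `orelse case lists:keyfind(certs_keys, 1, SocketOpts) of {_, [_|_]} -> true; _ -> false end of`. A short comment above the chain saying that it checks presence only, and that ssl validates the values, would also help. The body of listen/1 and the rest of the case expression continue outside the hunk.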