When using the XNio option
SslClientAuthMode, I can have my Undertow server send a client cert request to the browser. However, the documentation of SSL client auth says the server can also send a list of acceptable CAs.
If the server requires a digital certificate for client authentication, the server sends a “client certificate request” that includes a list of the types of certificates supported and the Distinguished Names of acceptable Certification Authorities (CAs).
How do I specify the list of supported certs an the list of allowed distinguished names that Undertow/Xnio sends as part of the certificate request during SSL negotiation?