I tried using httpclient-4.3.6's SSLContextBuilder to build a SSLContext, which I then fed to my AsyncHttpClient connection pool.
It worked just fine for configuring the cipher suites, TLS/SSL protocols and trust stores, however it did not work for the key managers.
The reason being that it did not implement a key manager that extended X509ExtendedKeyManager.
As far as I saw the differences between the X509ExtendedKeyManager abstract class and X509KeyManager interface are:
- X509ExtendedKeyManager (for async [and sync]) takes in SSLEngine as argument for its chooseEngineClientAlias method
- X509KeyManager (for sync only) takes in Socket as argument for its chooseServerAlias method
For the while being, I've copied and adjusted the SSLContextBuilder and PrivateKeyStrategy classes to suite my needs for a KeyManager implementation when going async. See the attached files for my copy.