Currently, SSL certificate configuration is split across records.config and ssl-multicert.config. This leads to awkward situations where you can't enable client certificate validation for a particular server certificate, and you can't add a SSL key passphrase dialog globally.
I'd like to unify the SSL configuration by pushing all the configuration parameters down to records.config and allowing ssl-multicert.config to override those settings. This would be logically similar to how overridable configurations work for the TS API.
I plan to retain backwards compatibility with 4.x ssl-multicert.config syntax. You would still need ssl-multicert.config to be able to configure multiple SSL certificates.