tls: add `allowPartialTrustChain` flag
This commit exposes the X509_V_FLAG_PARTIAL_CHAIN
OpenSSL flag to users. This is behavior that has been requested repeatedly in the Github issues, and allows aligning behavior with other TLS libraries and commonly used applications (e.g. curl
).
As a drive-by, simplify the SecureContext
source by deduplicating call sites at which a new custom certificate store was created for the secureContext
in question.