[mTLS] ca_certs option seems to be a bundle, not necessarily a chain #2938

@FaustXVI

Description

What kind of documentation problem are you reporting?

Undocumented Feature

Where is the issue found?

https://rocket.rs/guide/v0.5/configuration/#mutual-tls

What's wrong?

Let's say you have two partners that you want to authenticate with mTLS.
Partner A gives you a certificate chain file chain_A.pem and partner B gives chain_B.pem. Both chains are distinct: they have no certificate in common.
Rocket will work if you set tls.mutual.ca_certs to a file containing the concatenation of both chains.

This type of file is called a bundle.

The code found at

`for cert in rustls_pemfile::certs(&mut self.ca_certs_reader()?) {`

seems to confirm that the file is manipulated as a bundle more than as a chain.

I think the documentation should talk about a bundle file rather than a chain file, or at least explicitly say that you can combine chains in the file given to Rocket.

System Checks

  • I confirmed that the issue still exists on master on GitHub.
  • I was unable to find a previous report of this problem.
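As an added illustration of the behaviour described in this issue (example code, not Rocket's own): a std-only loader that consumes a ca_certs file the same way the `rustls_pemfile::certs` loop does, treating every CERTIFICATE block as one independent trust anchor, so concatenating chain_A.pem and chain_B.pem yields the union of both chains regardless of order. The PEM bodies are constructed placeholders, not real DER.

```rust
// Added example, not Rocket's code: a ca_certs file is consumed as a bundle.
// Each CERTIFICATE block becomes one trust anchor; the blocks are not required
// to form a single chain.

const BEGIN: &str = "-----BEGIN CERTIFICATE-----";
const END: &str = "-----END CERTIFICATE-----";

/// Return the body (base64 text, newlines stripped) of every CERTIFICATE block.
/// Other block types (e.g. a stray PRIVATE KEY) are skipped, which matches the
/// behaviour of rustls_pemfile::certs, which yields certificate items only.
pub fn certificate_blocks(bundle: &str) -> Vec<String> {
    let mut out = Vec::new();
    let mut body: Option<String> = None;
    for line in bundle.lines() {
        let line = line.trim();
        if line == BEGIN {
            body = Some(String::new());
        } else if line == END {
            if let Some(b) = body.take() {
                out.push(b);
            }
        } else if let Some(b) = body.as_mut() {
            b.push_str(line);
        }
    }
    out
}

/// Build the ca_certs bundle the way the issue describes: plain concatenation
/// of each partner's chain file.
pub fn concat_chains(chains: &[&str]) -> String {
    let mut bundle = String::new();
    for chain in chains {
        bundle.push_str(chain);
        if !chain.ends_with('\n') {
            bundle.push('\n');
        }
    }
    bundle
}

// Constructed sample chains: the base64 bodies are placeholders, not real certificates.
pub const CHAIN_A: &str = "-----BEGIN CERTIFICATE-----\nQUlOVEVSTUVESUFURQ==\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nQVJPT1Q=\n-----END CERTIFICATE-----\n";
pub const CHAIN_B: &str = "-----BEGIN CERTIFICATE-----\nQlJPT1Q=\n-----END CERTIFICATE-----\n";

fn main() {
    let bundle = concat_chains(&[CHAIN_A, CHAIN_B]);
    let anchors = certificate_blocks(&bundle);
    println!("{} trust anchors loaded from the bundle", anchors.len());
}
```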

    Labels

docs: Improvements or additions to documentation