AppleTLS: Enable --certificate

Tested against self-signed CA with nginx

src/AppleTLSSession.cc

@@ -333,13 +333,13 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
   }
 #endif
 
-  if (ctx->getSide() != TLS_SERVER) {
-    // Done with client-only initialization
-    return;
-  }
-
   SecIdentityRef creds = ctx->getCredentials();
   if (!creds) {
+    if (ctx->getSide() != TLS_SERVER) {
+      // Done with client-only initialization
+      return;
+    }
+
     A2_LOG_ERROR("AppleTLS: No credentials");
     state_ = st_error;
     return;

src/MultiUrlRequestInfo.cc

@@ -245,8 +245,7 @@ int MultiUrlRequestInfo::prepare()
 
 #ifdef ENABLE_SSL
     std::shared_ptr<TLSContext> clTlsContext(TLSContext::make(TLS_CLIENT));
-    if(!option_->blank(PREF_CERTIFICATE) &&
-       !option_->blank(PREF_PRIVATE_KEY)) {
+    if(!option_->blank(PREF_CERTIFICATE)) {
       clTlsContext->addCredentialFile(option_->get(PREF_CERTIFICATE),
                                       option_->get(PREF_PRIVATE_KEY));
     }

src/OptionHandlerFactory.cc

@@ -1155,11 +1155,20 @@ std::vector<OptionHandler*> OptionHandlerFactory::createOptionHandlers()
     handlers.push_back(op);
   }
   {
-    OptionHandler* op(new DefaultOptionHandler
+    OptionHandler* op(
+#ifdef HAVE_APPLETLS
+                      new DefaultOptionHandler
+                      (PREF_CERTIFICATE,
+                       TEXT_CERTIFICATE,
+                       NO_DEFAULT_VALUE)
+#else // HAVE_APPLETLS
+                      new LocalFilePathOptionHandler
                       (PREF_CERTIFICATE,
                        TEXT_CERTIFICATE,
                        NO_DEFAULT_VALUE,
-                       PATH_TO_FILE));
+                       false)
+#endif // HAVE_APPLETLS
+        );
     op->addTag(TAG_HTTP);
     op->addTag(TAG_HTTPS);
     handlers.push_back(op);