* make sure client CA and auth type are set if CA is explicitly specified.

added some simple tests to confirm the effect.

* test certificates (forgot to add them in the previous commit)

* made client auth policy configurable with new client_auth option.

README has been updated accordingly.

* fix editorial in README