Auto-detect applicable SCTs in multi-vhost setups #8

@BenBE

When running an nginx setup with multiple vhosts for different domains that each have independent domains+certificates, it would be nice if SCTs for all certificates could be put in one directory with the module including only those applicable to the current connection's server certificate.

As I understood the code while skimming over it, the module currently puts all SCTs it finds into the TLS extension. It would be nice if the module only added SCTs applicable to the current vhost's certificate (and, if necessary, trust chain).

Intention:

  • Avoid configuration overhead by specifying SCT behaviour globally
  • Centralize storage of SCTs for all certificates in one directory (e.g. all SCTs for all certs go to /etc/ssl/sct via cron or similar means).
