Ticket Change Details
Overview

Artifact ID: 9ee42ad0bc646dd47f61ed22cebebc36f408a6b5dcab7e7b9f10279b92ed8b82
Ticket: 9afaf41635dd222b8e8cfaa0f3b61f0e52abd707
tls::socket, but with shared SSL_CTX
User & Date: anonymous on 2025-10-07 13:21:44
Changes

  1. foundin changed to: "1.8.0"
  2. icomment:
    When opening a server socket with `tls::socket -server`, every time a client connects, a new SSL_CTX structure is created for that connection.
    This means that if certificates are provided with `-certfile`, `-cafile` and `-keyfile`, they are opened and read for every connection, as can be seen with `strace`. How do I avoid this?
    
    - Using `-cert` and `-file` instead requires a manual conversion of PEM files to DER (and there is no equivalent for `-cafile`).
    - `-model` cannot be supplied to `tls::socket`, but this would require a weird workaround to get a "model connection" anyway.
    
    Optimally, `tls::socket -server` would cache the first SSL_CTX and use it for subsequent connections.
    
  3. login: "anonymous"
  4. mimetype: "text/x-markdown"
  5. severity changed to: "Minor"
  6. status changed to: "Open"
  7. title changed to: "tls::socket, but with shared SSL_CTX"
  8. type changed to: "Code Defect"