Does OpenSSL 3.0 provide a way for client side software to verify that the server actually sent a request for the client’s certificate? As I recall, the only way to do this in 1.0.2 was to hook in a callback that examined every handshake message and set a flag if the client cert request was seen, then check that flag after handshake completion in the application. I hope there is something better available in 3.0…
Thanks - Steve
