Hello all, I am currently trying to build both client and server of an application that uses TLS 1.3 and mutual authentication using certificates. The application works so far - I can establish connections, certificates are verified, data is successfully transmitted, etc. However, I have an issue, or maybe two. 1. SSL_connect returns successfully before the client certificate is sent from the client to the server. The client certificate is only sent on the first SSL_write_ex with > 0 bytes, and as such, at this point the server can generate SSL alerts like access denied, etc. 2. When trying to benchmark latency on the application, the first roundtrip is extended by the client certificate verification. Is there any way I can complete the handshake, and thus validate the full connection, without sending data? I must say that even after reading RFC8446 I am not sure if there is a positive confirmation after the client certificate is sent, so I am not sure if what I am asking for is even possible. Best regards, Chris
