From 01698f8f600f132df516997321dc138331b52bb7 Mon Sep 17 00:00:00 2001
From: johnabass
Date: Tue, 23 Apr 2024 12:38:39 -0700
Subject: [PATCH 1/2] request but do not verify client certs
---
 xhttp/xhttpserver/tls.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xhttp/xhttpserver/tls.go b/xhttp/xhttpserver/tls.go
index 7c022c3..2caebce 100644
--- a/xhttp/xhttpserver/tls.go
+++ b/xhttp/xhttpserver/tls.go
@@ -243,7 +243,7 @@ func NewTlsConfig(t *Tls, extra ...PeerVerifier) (*tls.Config, error) {
 }
 tc.ClientCAs = caCertPool
- tc.ClientAuth = tls.RequireAndVerifyClientCert
+ tc.ClientAuth = tls.RequestClientCert
 }
 tc.BuildNameToCertificate() // nolint: staticcheck
From c28c6c616e7b6ef832facb2698937332d4f203a7 Mon Sep 17 00:00:00 2001
From: johnabass
Date: Tue, 23 Apr 2024 12:41:01 -0700
Subject: [PATCH 2/2] chore: updated unit test
---
 xhttp/xhttpserver/tls_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xhttp/xhttpserver/tls_test.go b/xhttp/xhttpserver/tls_test.go
index b6d872a..4a03952 100644
--- a/xhttp/xhttpserver/tls_test.go
+++ b/xhttp/xhttpserver/tls_test.go
@@ -553,7 +553,7 @@ func testNewTlsConfigWithClientCACertificateFile(t *testing.T, certificateFile,
 assert.Equal([]string{"http/1.1"}, tc.NextProtos)
 assert.NotEmpty(tc.Certificates)
 assert.NotNil(tc.ClientCAs)
- assert.Equal(tls.RequireAndVerifyClientCert, tc.ClientAuth)
+ assert.Equal(tls.RequestClientCert, tc.ClientAuth)
 }
 func testNewTlsConfigLoadClientCACertificateError(t *testing.T, certificateFile, keyFile string) {
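Review bot: With `tls.RequestClientCert` the handshake no longer validates a presented chain against `tc.ClientCAs` and also succeeds when the client sends no certificate, so the pool assigned on the preceding context line is only advertised to clients as a CA hint. Any handler or `PeerVerifier` passed via `extra` that reads the peer certificate now sees unauthenticated data (crypto/tls documents `verifiedChains` as nil in this mode); how `extra` is wired cannot be seen here, since `NewTlsConfig` starts and ends outside the hunk. If the goal is only to admit clients that have no certificate, `tc.ClientAuth = tls.VerifyClientCertIfGiven` keeps CA validation for those that do present one. Otherwise I would add above the assignment `// Client certs are requested but NOT verified against ClientCAs; peer certificates must be validated by the PeerVerifiers before being trusted.`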
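Review bot: The updated assertion pins only the `ClientAuth` constant, while `assert.NotNil(tc.ClientCAs)` just above it still reads as if the pool were enforced. I would add a comment before the changed line, `// RequestClientCert: ClientCAs is advertised to clients but not used to verify their chain`, and, if it is not covered elsewhere, a handshake test using a client certificate that was not issued by the configured CA file, so the intended accept/reject behaviour is pinned.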