Request client certificates
If the SSL/TLS server needs to authenticate the client using X.509 certificates, you need to use Client Authentication.
To enable the server to request the certificates from the client, set ClientAuthentication property of the corresponding SSL/TLS server class to true.
There are two possible modes of client authentication - when the authentication is requested (but not mandatory) and when the authentication is required. The mode is specified using AuthenticationLevel property of the corresponding SSL/TLS server class.
If the server has a predefined set of acceptable certificates, you can add such certificates to the certificate storage and assign the reference to this storage to ClientCertStorage property of the SSL/TLS server class. If the application must validate the client certificates as they are received, use OnCertificateValidate event of the SSL/TLS server class and see the corresponding how-to article.