Hi, I'm new to stunnel, and I'm trying to configure a server that accepts TCP socket connections only from clients that have a pre-shared certificate.
Looking at the online documentation, I found the verifyPeer option, but it is described as being used on the client side. Trying to use it on the server side, I achieved my goal, but only if the client has the whole certificate (private + public).
My question is: can I obtain the same result in some way by sharing only the public part of the certificate?

Currently I'm using a configuration like this one (skipping the accept and connect options):

[Server]
cert=wholeCert.pem
verifyPeer=yes

[Client]
cert=wholeCert.pem
verifyPeer=yes
CAFile=wholeCert.pem

and I'm looking for something like:

[Server]
cert=wholeCert.pem
verifyPeer=yes

[Client]
verifyPeer=yes
CAFile=publicCert.pem

If I try this second option, the server refuses the connection in the handshake phase, saying that the client didn't provide any certificate.
Is there a way to achieve this?

Thank you.
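
An added example, not part of the original post and not taken from the stunnel documentation: with verifyPeer=yes on the server, the client has to present a certificate and prove it holds the matching private key, so a client that has only a public certificate cannot authenticate. The layout below gives each side its own key pair and exchanges only the public certificates. The file names server.pem, server-cert.pem, client.pem and client-cert.pem are hypothetical, and accept/connect are omitted as in the post.

```ini
; Added example. File names are hypothetical placeholders.
; Each side keeps its own private key; only public certificates are copied across.

[Server]
; server certificate plus its private key, stays on the server
cert = server.pem
; request a client certificate and accept it only if it is listed in CAfile
verifyPeer = yes
; public certificate(s) of the allowed client(s), no private key inside
CAfile = client-cert.pem

[Client]
client = yes
; client certificate plus its private key, generated and kept on the client
cert = client.pem
; accept the server only if its certificate is listed in CAfile
verifyPeer = yes
; public certificate of the server, no private key inside
CAfile = server-cert.pem
```

With this layout the server's private key never leaves the server, and removing a client's certificate from the server's CAfile revokes that client alone.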