Index: src/SSLSocket.h
==================================================================
--- src/SSLSocket.h
+++ src/SSLSocket.h
@@ -30,15 +30,17 @@
@interface SSLSocket: OFTCPSocket
{
SSL *ssl;
OFString *privateKeyFile;
OFString *certificateFile;
+ BOOL requestsClientCertificates;
}
#ifdef OF_HAVE_PROPERTIES
@property (copy) OFString *privateKeyFile;
@property (copy) OFString *certificateFile;
+@property BOOL requestsClientCertificates;
#endif
- initWithSocket: (OFTCPSocket*)socket;
- initWithSocket: (OFTCPSocket*)socket privateKeyFile: (OFString*)privateKeyFile
@@ -47,9 +49,11 @@
- (SSLSocket*)accept;
- (void)setPrivateKeyFile: (OFString*)file;
- (OFString*)privateKeyFile;
- (void)setCertificateFile: (OFString*)file;
- (OFString*)certificateFile;
+- (void)setRequestsClientCertificates: (BOOL)enabled;
+- (BOOL)requestsClientCertificates;
- (OFDataArray*)channelBindingDataWithType: (OFString*)type;
- (X509Certificate*)peerCertificate;
- (void)verifyPeerCertificate;
@end
Index: src/SSLSocket.m
==================================================================
--- src/SSLSocket.m
+++ src/SSLSocket.m
@@ -221,10 +221,13 @@
@throw [OFAcceptFailedException exceptionWithClass: [self class] socket: self];
}
+ if (requestsClientCertificates)
+ SSL_set_verify(newSocket->ssl, SSL_VERIFY_PEER, NULL);
+
SSL_set_accept_state(newSocket->ssl);
if (!SSL_use_PrivateKey_file(newSocket->ssl, [privateKeyFile cStringWithEncoding: OF_STRING_ENCODING_NATIVE], SSL_FILETYPE_PEM) || !SSL_use_certificate_file(newSocket->ssl,
@@ -349,10 +352,20 @@
- (OFString*)certificateFile
{
OF_GETTER(certificateFile, YES)
}
+
+- (void)setRequestsClientCertificates: (BOOL)enabled
+{
+ requestsClientCertificates = enabled;
+}
+
+- (BOOL)requestsClientCertificates
+{
+ return requestsClientCertificates;
+}
- (OFDataArray*)channelBindingDataWithType: (OFString*)type
{
size_t length;
char buffer[64];
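Review bot: The new `requestsClientCertificates` ivar and property in this hunk, and the matching accessor declarations in the second hunk of the same header, carry no documentation of what enabling the flag actually does, and the name alone does not tell a caller whether a client that presents no certificate is rejected. Suggest a doc comment on the property (or on the setter declaration in the next hunk) along the lines of `/* When YES, sockets returned by -accept ask the client for a certificate (SSL_VERIFY_PEER). A client that presents none still completes the handshake; inspect -peerCertificate / -verifyPeerCertificate to see what was received. */`. The flag presumably defaults to NO since the ivar is left zero-initialized, which is worth stating in the same comment.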
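Review bot: `SSL_set_verify(newSocket->ssl, SSL_VERIFY_PEER, NULL)` in the -accept hunk of SSLSocket.m only requests a client certificate: without `SSL_VERIFY_FAIL_IF_NO_PEER_CERT` a client that sends none still completes the handshake, so a server that enables this flag to require client authentication must still call -peerCertificate / -verifyPeerCertificate (declared in the header) after -accept, or the call needs to become `SSL_set_verify(newSocket->ssl, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);` under a name that says "requires". A certificate that is presented is checked against the context's trust store because the callback is NULL, so a failed chain aborts the handshake; a short comment above the call stating which of these two behaviours is intended would prevent the flag being misread as "client auth enforced". The check reads the listening socket's own ivar, and it is not visible in the hunk whether `newSocket->requestsClientCertificates` is copied, so the accepted socket may report NO from -requestsClientCertificates even though verification was enabled on it. The enclosing -accept method begins and ends outside the hunk.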