mTLS setup in .NET 8 backend with Rust (Tauri) client — client certificate always null

Hey everyone 👋, I'm trying to implement mTLS authentication between a .NET 8 (ABP-based) backend and a Tauri app (Rust + Angular frontend). Everything builds and runs, but the server side always ends up saying No client certificate provided, even though the Rust client clearly sends the cert. The Setup .NET Backend (Program.cs) Validation Service public bool ValidateCertificate(X509Certificate2 clientCertificate) { return clientCertificate != null && clientCertificate.Verify() && _allowedThumbprints.Contains(clientCertificate.Thumbprint); } Rust (Tauri) Client Code Using reqwest with openssl: let identity = Identity::from_pkcs12_der(&buf, "client123")?; let client = ClientBuilder::new() .identity(identity) .danger_accept_invalid_certs(true) // for localhost only .build()?; The client loads the PFX fine, parses it, and shows valid certificate data. But on request, the server always logs: No client certificate provided despite the response being 403 Forbidden and not 400 TLS error, so it’s clearly completing the TLS handshake. Observations Rust logs show certificate loaded, private key present, and request succeeds (HTTP 403). Server never sees context.Connection.ClientCertificate. Tried grabbing cert via ITlsConnectionFeature, still null. ❓ Any ideas? Do I need to set something explicitly in Kestrel or Tauri’s request? Does Rust reqwest send client cert after handshake or during? Should I be using ClientHello inspection or something else to confirm? Any working sample with Tauri + .NET mTLS? Appreciate any help! 🙏 Happy to provide more logs/configs if needed.