Ah. I misunderstood your question.
standard (see RFC6614 section 2.3). (Thinking of it, one could probably
> Hi Linus,
>
> Thanks a lot for your reply. I retried it after setting `certificateNameCheck off' in Server block. However, it is still using mutual authentication (I am copying the packet transfer between Client and Server below). The main difference which I could see was that now it can establish TLS connection with non-matching CN name also.
>
>
> To turn off mutual authentication, i.e. Server should not ask for Client certificate in Server Hello message, is there any way to disable "SSL_VERIFY_PEER" in Server code?
>
> Source         Destination    Protocol  Info
> 192.168.1.100  192.168.1.2    TLSv1.2   Client Hello
> 192.168.1.2    192.168.1.100  TLSv1.2   Server Hello
> 192.168.1.2    192.168.1.100  TLSv1.2   Certificate   <======= Server Certificate
> 192.168.1.100  192.168.1.2    TLSv1.2   Certificate   <======= Client Certificate
> 192.168.1.2    192.168.1.100  TLSv1.2   New Session Ticket, Change Cipher Spec, Encrypted Handshake Message
>
> Regards,
> Mofassir
>
> On Wednesday, 5 October 2016 7:58 PM, Linus Nordberg <linus@nordu.net> wrote:
>
>
> Mofassir Ul Haque <mofassir_haque@yahoo.com> wrote
> Wed, 5 Oct 2016 00:19:55 +0000 (UTC):
>
>> Currently, radsecproxy supports mutual authentication by default
>> i.e. both the Client and the Server certificate are validated at the
>> time of TLS connection establishment. However, I want to only validate
>> Server’s certificate. Is it possible to make changes to TLS Block
>> (radsecproxy.conf) or to code to only do the validation of Server
>> certificates? Any help will be greatly appreciated! Thanks,
>
> You can set `certificateNameCheck off' in a server block to disable
> verification of client CN and SAN.
>
>
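A way to check a TLS 1.2 handshake summary like the one quoted above for client authentication, as an added example that is not part of the original thread or of radsecproxy. The function names and status strings are hypothetical, and the sample rows are constructed from the capture in the message.

```python
# Constructed sample: the handshake summary rows from the thread.
CAPTURE = """\
Source Destination Protocol Info
192.168.1.100 192.168.1.2 TLSv1.2 Client Hello
192.168.1.2 192.168.1.100 TLSv1.2 Server Hello
192.168.1.2 192.168.1.100 TLSv1.2 Certificate <======= Server Certificate
192.168.1.100 192.168.1.2 TLSv1.2 Certificate <======= Client Certificate
192.168.1.2 192.168.1.100 TLSv1.2 New Session Ticket, Change Cipher Spec, Encrypted Handshake Message
"""


def parse_rows(text):
    """Return (source, destination, [handshake messages]) per TLS row."""
    rows = []
    for line in text.splitlines():
        # Drop mail quote markers and trailing "<=====" annotations.
        line = line.lstrip("> ").split("<=")[0].strip()
        parts = line.split(None, 3)
        if len(parts) == 4 and parts[2].startswith("TLS"):
            src, dst, _proto, info = parts
            rows.append((src, dst, [m.strip() for m in info.split(",")]))
    return rows


def client_auth_status(text):
    """Classify a handshake summary by what the client side sent.

    Only meaningful up to TLS 1.2: in TLS 1.3 the Certificate messages are
    encrypted and do not show up in a summary like this.
    """
    rows = parse_rows(text)
    # The peer that sends Client Hello is the TLS client.
    client = next((s for s, _, msgs in rows if "Client Hello" in msgs), None)
    if client is None:
        return "unknown"
    requested = any(s != client and "Certificate Request" in msgs
                    for s, _, msgs in rows)
    presented = any(s == client and "Certificate" in msgs
                    for s, _, msgs in rows)
    if presented:
        # A TLS 1.2 client only sends Certificate after a Certificate Request.
        # The message may still carry an empty certificate list.
        return "client-certificate-message"
    return "requested-not-sent" if requested else "server-only"


if __name__ == "__main__":
    print(client_auth_status(CAPTURE))
```
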