1. Client is: 192.168.1.4 and Server is192.168.1.3 2. Here, server is also requesting client's certificate [192.168.1.3] -> [192.168.1.4] TLSv1.2 209 Certificate Request, Server Hello Done 3. But client is not sending it's certificate. 4. Client needs it own cert & key or use MBEDTLS_SSL_VERIFY_NONE on server
In addition to what has correctly mentioned by @gopi219 , you could use a ciphersuite that doesn’t use certificates ( PSK based certificate), depending on your use case and threat model. If your threat model requires you to authenticate the client(by not setting MBEDTLS_SSL_VERIFY_NONE in your serer authentication configuration ), you will need to set the client certificate to send to server.
Using the openssl s_client help command, you will see you need to consider the following parameters:
-cert arg - certificate file to use, PEM format assumed
-certform arg - certificate format (PEM or DER) PEM default
-key arg - Private key file to use, in cert file if
not specified but cert file is.
-keyform arg - key format (PEM or DER) PEM default
Since you are using the Mbed TLS test certificates you should probably use tests/data_files/cli2.crt or tests/data_files/cli-rsa-sha256.crt.