diff --git a/lib/tls/mbedtls/client.c b/lib/tls/mbedtls/client.c
index 5e971e04..24e501b8 100644
--- a/lib/tls/mbedtls/client.c
+++ b/lib/tls/mbedtls/client.c
@@ -172,7 +172,8 @@ lws_tls_client_create_vhost_context(struct lws_vhost *vh,
 		return 1;
 	}
 
-	SSL_CTX_add_client_CA(vh->ssl_client_ctx, vh->x509_client_CA);
+	// SSL_CTX_add_client_CA(vh->ssl_client_ctx, vh->x509_client_CA);
+	SSL_CTX_add_client_CA(vh->ssl_ctx, vh->x509_client_CA);
 
 	lwsl_notice("client loaded CA for verification %s\n", ca_filepath);
 
diff --git a/lib/tls/mbedtls/server.c b/lib/tls/mbedtls/server.c
index e885f941..d88e39c8 100644
--- a/lib/tls/mbedtls/server.c
+++ b/lib/tls/mbedtls/server.c
@@ -25,6 +25,8 @@ int
 lws_tls_server_client_cert_verify_config(struct lws_context_creation_info *info,
 					 struct lws_vhost *vh)
 {
+	SSL_CTX_set_verify(vh->ssl_ctx, SSL_VERIFY_PEER, NULL);
+
 	return 0;
 }