Make client certificate requests optional.

This prevents things from always failing if the server requires a client
SSL certificate.

Note that the solution used to determine if a certificate request was
made for a given request is approximate; it is timestamp based and can
theoretically give a false positive. In practice, this is very unlikely,
since another cert request had to have happened around the same time,
AND the response must be a 401/403.

Change-Id: I726b32200ed784debfa72f033f61c71bfbc2ea10
3 files changed