0

Can we attach multiple certificate-key pairs to a single TLS client? Say, for example:

Is it possible that client-A has certificate-1 signed by CA-1, certificate-2 signed by CA-2, and so on, assuming each certificate has its own private key?

So, when Client-A sends N certificate-key pairs to a TLS server, say Server-A, then based on the CA certificates pre-installed on the server this would result in successful validation of the client's certificate-1 and failed validation of certificate-2 (the server doesn't have the CA-2 certificate). If the above scenario is possible, what will the outcome be? Will the TLS handshake succeed or fail?

Also, can someone share an example of how to attach multiple certificate-key pairs, either using openssl commands or programmatically, say in a C program?

Hemanth

1 Answer

3

The client cannot send multiple leaf certificates to the server and let the server pick the one it likes. Instead, the client sends a single leaf certificate, including the necessary certificate chain, and provides a CertificateVerify message signed by this single leaf certificate as proof of ownership of the matching private key.

This means the client needs to decide which of the possible certificates to send. The server can send a list of accepted CAs to guide the client, but even then there might be multiple possible certificates. In this case the client needs to somehow decide which of these to send, for example by asking the user.

Steffen Ullrich
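The selection step the answer describes, as an added example that is not part of the original question or answer: the client parses the server's TLS 1.2 CertificateRequest, takes the certificate_authorities list (DER-encoded X.501 Names, as in RFC 5246 section 7.4.4), and picks the one credential whose issuer matches, falling back to a user prompt when several match and to "no certificate" when none does. Python is used here so the logic can be run stand-alone; in OpenSSL's C API the equivalent hooks are SSL_CTX_set_client_cert_cb() for the callback that chooses the certificate and SSL_get_client_CA_list() for reading the server's accepted-CA names. The CA names, credential labels and key handles below are constructed stand-ins, not real certificates or keys.

```python
"""Client-side certificate selection driven by the server's CertificateRequest.

Added example, not code from the original question or answer. The DER
encoder covers only a single-commonName Name, which is enough to build the
constructed CA names used here.
"""
import struct
from dataclasses import dataclass

OID_COMMON_NAME = bytes.fromhex("550403")  # 2.5.4.3 (id-at-commonName)


def der_tlv(tag: int, body: bytes) -> bytes:
    """Minimal DER tag-length-value encoder (lengths below 65536)."""
    if len(body) < 0x80:
        length = bytes([len(body)])
    elif len(body) < 0x100:
        length = b"\x81" + bytes([len(body)])
    else:
        length = b"\x82" + struct.pack(">H", len(body))
    return bytes([tag]) + length + body


def der_name_cn(common_name: str) -> bytes:
    """Encode an X.501 Name with one RDN holding a single commonName.

    Name ::= SEQUENCE OF RelativeDistinguishedName (SET OF AttributeTypeAndValue)
    """
    atv = der_tlv(0x30, der_tlv(0x06, OID_COMMON_NAME) + der_tlv(0x0C, common_name.encode()))
    return der_tlv(0x30, der_tlv(0x31, atv))


def build_certificate_request(ca_names: list) -> bytes:
    """Serialise a TLS 1.2 CertificateRequest body (server side)."""
    cert_types = bytes([1, 64])                  # rsa_sign, ecdsa_sign
    sig_algs = bytes([0x04, 0x01, 0x04, 0x03])   # sha256/rsa, sha256/ecdsa
    cas = b"".join(struct.pack(">H", len(n)) + n for n in ca_names)
    return (bytes([len(cert_types)]) + cert_types
            + struct.pack(">H", len(sig_algs)) + sig_algs
            + struct.pack(">H", len(cas)) + cas)


def parse_certificate_request(body: bytes) -> list:
    """Return the DER names in certificate_authorities; reject truncated input."""
    pos = 0
    n = body[pos]
    pos += 1 + n                                  # skip certificate_types
    (n,) = struct.unpack_from(">H", body, pos)
    pos += 2 + n                                  # skip supported_signature_algorithms
    (total,) = struct.unpack_from(">H", body, pos)
    pos += 2
    end = pos + total
    if end > len(body):
        raise ValueError("truncated certificate_authorities")
    names = []
    while pos < end:
        (n,) = struct.unpack_from(">H", body, pos)
        pos += 2
        if pos + n > end:
            raise ValueError("truncated DistinguishedName")
        names.append(body[pos:pos + n])
        pos += n
    return names


@dataclass
class ClientCredential:
    label: str      # constructed label for the leaf certificate
    issuer: bytes   # DER-encoded issuer Name of the leaf certificate
    key_ref: str    # stand-in handle for the matching private key


def select_credential(creds, accepted_cas, ask_user=None):
    """Pick the single credential the client will present.

    An empty accepted list means the server expressed no preference, so every
    credential is a candidate. Returns None when nothing matches: the client
    then sends an empty Certificate message and the server decides whether
    the handshake continues. Exact DER byte comparison is what libraries do
    when matching X.501 names, so no string parsing of the name is needed.
    """
    accepted = set(accepted_cas)
    matches = [c for c in creds if c.issuer in accepted] if accepted else list(creds)
    if not matches:
        return None
    if len(matches) == 1 or ask_user is None:
        return matches[0]
    return ask_user(matches)


# Constructed client credentials: one issued by CA-1, one by CA-2.
CLIENT_CREDS = [
    ClientCredential("cert-1", der_name_cn("CA-1"), "key-1"),
    ClientCredential("cert-2", der_name_cn("CA-2"), "key-2"),
]


def demo():
    """Server trusts CA-1 and CA-3 only, so the client must present cert-1."""
    req = build_certificate_request([der_name_cn("CA-1"), der_name_cn("CA-3")])
    chosen = select_credential(CLIENT_CREDS, parse_certificate_request(req))
    return chosen.label if chosen else None


if __name__ == "__main__":
    print(demo())
```

This mirrors the answer: exactly one leaf certificate goes on the wire, chosen by matching the server's CA list, and the only thing the server will ever see from "N certificate-key pairs" is whichever one the client's selection logic (or the user) picked.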