tls.client.certificate.is_unknown_ca

BOOL, read-only.

Available inrecvhashdeliverlog

True if this connection is set to mutual TLS optional mode and the valid certificate chain or partial chain was received, but the certificate was not accepted because the CA certificate could not be located or could not be matched with a known trust anchor.