diff --git a/cli/server/cli_server_mtls_test.go b/cli/server/cli_server_mtls_test.go
new file mode 100644
index 000000000..a19cab936
--- /dev/null
+++ b/cli/server/cli_server_mtls_test.go
@@ -0,0 +1,113 @@
+package server_test
+
+import (
+	"context"
+	"crypto/tls"
+	"path/filepath"
+	"testing"
+
+	"github.com/nspcc-dev/neo-go/internal/testcli"
+	"github.com/nspcc-dev/neo-go/pkg/config"
+	"github.com/nspcc-dev/neo-go/pkg/rpcclient"
+	"github.com/stretchr/testify/require"
+)
+
+const certDir = "../../mtlstestdata/certs"
+
+type tlsConfig struct {
+	ca   string
+	cert string
+	key  string
+}
+
+func TestServerMTLS(t *testing.T) {
+	t.Run("http", func(t *testing.T) {
+		testServerMTLS(t, testServerMTLSHttp)
+	})
+	t.Run("websocket", func(t *testing.T) {
+		testServerMTLS(t, testServerMTLSWebSocket)
+	})
+}
+
+func testServerMTLS(t *testing.T, test func(*testing.T, tlsConfig, tlsConfig) error) {
+	configs := map[string]map[string]tlsConfig{}
+	for _, ca := range []string{"CA1", "CA2"} {
+		configs[ca] = make(map[string]tlsConfig)
+		for _, peer := range []string{"1", "2"} {
+			configs[ca][peer] = tlsConfig{
+				ca:   filepath.Join(certDir, ca+"_cert.pem"),
+				cert: filepath.Join(certDir, "peer"+ca+"_"+peer+"_cert.pem"),
+				key:  filepath.Join(certDir, "peer"+ca+"_"+peer+"_key.pem"),
+			}
+		}
+	}
+
+	t.Run("good", func(t *testing.T) {
+		require.NoError(t, test(t, configs["CA1"]["1"], configs["CA1"]["2"]))
+	})
+	t.Run("wrong cert", func(t *testing.T) {
+		var verificationError *tls.CertificateVerificationError
+		err := test(t, configs["CA1"]["1"], configs["CA2"]["2"])
+		require.ErrorAs(t, err, &verificationError)
+	})
+}
+
+func testServerMTLSHttp(t *testing.T, server, client tlsConfig) error {
+	e := testcli.NewExecutorWithConfig(t, true, true, func(c *config.Config) {
+		rpc := &c.ApplicationConfiguration.RPC
+		rpc.Addresses = nil
+
+		cc := &rpc.TLSConfig
+		cc.Addresses = []string{"127.0.0.1:0"}
+		cc.Enabled = true
+		cc.RootCA = []string{server.ca}
+		cc.CertFile = server.cert
+		cc.KeyFile = server.key
+	})
+
+	cfg, err := rpcclient.TLSClientConfig([]string{client.ca}, client.cert, client.key)
+	require.NoError(t, err)
+
+	endpoint := "https://" + e.RPC.Addresses()[0]
+	c, err := rpcclient.New(context.Background(), endpoint, rpcclient.Options{
+		TLSClientConfig: cfg,
+	})
+	require.NoError(t, err)
+
+	defer c.Close()
+
+	return c.Init()
+}
+
+func testServerMTLSWebSocket(t *testing.T, server, client tlsConfig) error {
+	e := testcli.NewExecutorWithConfig(t, true, true, func(c *config.Config) {
+		rpc := &c.ApplicationConfiguration.RPC
+		rpc.Addresses = nil
+
+		cc := &rpc.TLSConfig
+		cc.Addresses = []string{"127.0.0.1:0"}
+		cc.Enabled = true
+		cc.RootCA = []string{server.ca}
+		cc.CertFile = server.cert
+		cc.KeyFile = server.key
+	})
+
+	cfg, err := rpcclient.TLSClientConfig([]string{client.ca}, client.cert, client.key)
+	require.NoError(t, err)
+
+	endpoint := "wss://" + e.RPC.Addresses()[0] + "/ws"
+	c, err := rpcclient.NewWS(context.Background(), endpoint, rpcclient.WSOptions{
+		Options: rpcclient.Options{
+			TLSClientConfig: cfg,
+		},
+	})
+	if err != nil {
+		// For the websocket client, NewWS() creates a connection,
+		// so TLS handshake error will be returned from there.
+		return err
+	}
+
+	defer c.Close()
+
+	return c.Init()
+}
diff --git a/mtlstestdata/certs/CA.cnf b/mtlstestdata/certs/CA.cnf
new file mode 100644
index 000000000..da40d997e
--- /dev/null
+++ b/mtlstestdata/certs/CA.cnf
@@ -0,0 +1,12 @@
+[ req ]
+prompt = no
+distinguished_name = req_distinguished_name
+
+[ req_distinguished_name ]
+C = US
+ST = Localzone
+L = localhost
+O = Neo Go Testing Certificate Authority
+OU = Develop
+CN = localdomain
+emailAddress = root@localhost.localdomain
diff --git a/mtlstestdata/certs/CA1_cert.pem b/mtlstestdata/certs/CA1_cert.pem
new file mode 100644
index 000000000..cf7f9dc45
--- /dev/null
+++ b/mtlstestdata/certs/CA1_cert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIELTCCAxWgAwIBAgIUMBz3pVD+hKVLC+LloiKR20rmQEcwDQYJKoZIhvcNAQEL
+BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
+CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
+QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
+bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
+MjQwNjA1MTI0MzMyWhcNMjkwNjA0MTI0MzMyWjCBtzELMAkGA1UEBhMCVVMxEjAQ
+BgNVBAgMCUxvY2Fsem9uZTESMBAGA1UEBwwJbG9jYWxob3N0MS0wKwYDVQQKDCRO
+ZW8gR28gVGVzdGluZyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxEDAOBgNVBAsMB0Rl
+dmVsb3AxFDASBgNVBAMMC2xvY2FsZG9tYWluMSkwJwYJKoZIhvcNAQkBFhpyb290
+QGxvY2FsaG9zdC5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAJTnwrEIB2rgHoRcgdjGcm28iNyPVaxWFxlUiMCNZjsj/GzIfR5oUWM/
+Qau35mB5h4bFfSMS3XGEZ2eli1qIBIGhlIliKK4t1TDPKkPppcrzp3bKKwKGHhyw
+sIeUdG+6165led3ciiCiJI0BVlpGeZjO6FNGMieHe9nPahjBIu+tm5er9WRAgIvS
+qcQPKEy6dX6nivakNDH9XO+mAlltEvSf1O1rrYxTYXqR6c3iSbUIycm79jt7n8cI
+/3MkFs7WhmT112ZdE8eI5No54hMWeaEXeQmZ4WBqLSQU6FsQfb77+B4f0bMtOGfy
+8RoX59GSXqPu2dpCvCOuC6ftAaVx2v8CAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAd
+BgNVHQ4EFgQUSSahwFPWaizsjFDXu32S9cqiNcUwDQYJKoZIhvcNAQELBQADggEB
+AHdfddsxnlXZARhZc+CkLccH/E8ej0b6f5+FWB0O1c0/UG/AvUuTFrDXE7NaFwQU
+EfJdtPWCU8dBcNm/eKX69+X31uZcSULe8uN1woq66ij3SskjWUDa6/22tALtipt9
+6H1vIfFuzpQdFfJcXarqZCacZET/XCqit8wj3DTbks/xe+aWPVdo+ukwxQEYWeXB
+oyzAqw8cU7uxgd6NXbEBMwl38zHSapfV374BHdj2tngni4VDSdeQOijFHbpwACId
+x6eDwtuPvQohSKPCQkiKXGJEfJGaWybaBkc7a/t+peSqCvXUfioBygaEkarg0Z4x
+nOoyvxfot4xaaDIWOP6fIaY=
+-----END CERTIFICATE-----
diff --git a/mtlstestdata/certs/CA1_cert.srl b/mtlstestdata/certs/CA1_cert.srl
new file mode 100644
index 000000000..44cd13153
--- /dev/null
+++ b/mtlstestdata/certs/CA1_cert.srl
@@ -0,0 +1 @@
+62D019D50D8A9FD6A74B14E2FC735F89B0530C49
diff --git a/mtlstestdata/certs/CA1_key.pem b/mtlstestdata/certs/CA1_key.pem
new file mode 100644
index 000000000..0085e3a84
--- /dev/null
+++ b/mtlstestdata/certs/CA1_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCU58KxCAdq4B6E
+XIHYxnJtvIjcj1WsVhcZVIjAjWY7I/xsyH0eaFFjP0Grt+ZgeYeGxX0jEt1xhGdn
+pYtaiASBoZSJYiiuLdUwzypD6aXK86d2yisChh4csLCHlHRvuteuZXnd3IogoiSN
+AVZaRnmYzuhTRjInh3vZz2oYwSLvrZuXq/VkQICL0qnEDyhMunV+p4r2pDQx/Vzv
+pgJZbRL0n9Tta62MU2F6kenN4km1CMnJu/Y7e5/HCP9zJBbO1oZk9ddmXRPHiOTa
+OeITFnmhF3kJmeFgai0kFOhbEH2++/geH9GzLThn8vEaF+fRkl6j7tnaQrwjrgun
+7QGlcdr/AgMBAAECggEALmBmc1OwV7mY15mmOVlJT2M+bw9XXBbuF84Lz4jak8XX
++xuQWHWeD56mefCLWHXRX4jHujJIdPALcq0NE3O0j5k/FXDUgbc1pH+JRuCQ6f5s
+JGO/9IfH/iCLwpZak2fqf98MDyz+ej51ytLlTbWQbqbWlgURXt1kFgjzHuWcV3BN
+YbGd2Qt8nDKAj2teSWoYUpEnyxKyWVywDJhVG6qvP77jMk+R8jWB0Aj78kWh7klO
+hYKMjgeX2riAFPhe3/ALAp8sqF3Kwaog2dW853Q51iA2mmwOb7bNRTtaSnVmU1EU
+My7NAP440pB5lg6W+Dyq6PlAZ8HFXUc0E08VxjstvQKBgQDPoKvjWlbF9bEX5L5x
+zqekDrTBrEha1UfXWKdhIXjfHToOoy8pk5SSRmgRi8pthdgkKQcEAgdQm+a+Q0oS
+lsNDzMUBgfj42N7AyKUq0Eb77RnKzazwhHalgOj41crvE9FyJUE9YlnA5mPbzCI+
+ztylRhHagpWQPK3wQDBclnEscwKBgQC3mMXLNL7vDA/J0qyEcLYnvIYGNcpE9XNj
+pdO1atoMHZsNsfFCtl+6hYT0u0DzhQfJqCSwGJR8sRvV7BnBsVNYCGuKduAX52kZ
+IFRCgWywLHsXSKQeKEW3qPu3wu6LQSZ0CKwbs89/5jq6/u46j+SSnDng2/KqN80T
+YNMDJPOgRQKBgQCO19tp7x0D1KSh652abrKnC/cPx5d/5nwmi7eb+4tM9K6co2gv
+EnmEqSuv5py9/PdW6WMKPtsJejilbWXopBBy9M4U23aOvaWCvIfljKVJbTXxcM8q
+Kff2pVmi2HNlSB0wirD3qlJVhCvva+GjlG34xtxBmNWNBjIkuASNrnLuQQKBgB2w
+gNvZjb7ObocuoGNSbsKCRBIhBLKeFqjYmiHOQ7CN4RMX4XHuWBCrotKIrXoz2wyL
+OlOXxftcEKpJYejmqhmkUu+zRY3YCDDd/4I5t7/NkaI0RwXxcUS/+OTAix7NzFAb
+Tumz7Cw8qOawbwndVxM2XE22g8lu+KTXlYf+o78ZAoGAXmvUqjp/OXL+Ke65K4pZ
+yqE52o7AlwxMMedDt0eGf+DHJkgvfv7PaSwaVPAxq1S6ckdAwFAYlwAHI0YU+YbX
+39iZvk/8tmksqfUnZfHAXFCCB8gnODXhSgT5b89ATZrxaq1mjhv+5YtCfRukg6C1
+UpvF9q0hQZR0EVFc62AE9aw=
+-----END PRIVATE KEY-----
diff --git a/mtlstestdata/certs/CA2_cert.pem b/mtlstestdata/certs/CA2_cert.pem
new file mode 100644
index 000000000..b076ef887
--- /dev/null
+++ b/mtlstestdata/certs/CA2_cert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIELTCCAxWgAwIBAgIUcBn6P43bTXmrhKeUFC6sb67azscwDQYJKoZIhvcNAQEL
+BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
+CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
+QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
+bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
+MjQwNjA1MTI0MzMyWhcNMjkwNjA0MTI0MzMyWjCBtzELMAkGA1UEBhMCVVMxEjAQ
+BgNVBAgMCUxvY2Fsem9uZTESMBAGA1UEBwwJbG9jYWxob3N0MS0wKwYDVQQKDCRO
+ZW8gR28gVGVzdGluZyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxEDAOBgNVBAsMB0Rl
+dmVsb3AxFDASBgNVBAMMC2xvY2FsZG9tYWluMSkwJwYJKoZIhvcNAQkBFhpyb290
+QGxvY2FsaG9zdC5sb2NhbGRvbWFpbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAKT+wLz7bRhFkBQGl9JfB77dtDo10lud1CnJAOAp8YzSx6eLZYqD82yr
+HWuCEeXsDXtVHinWggKKYSvsMsZkSb8tMYDHufAgATiathYBxOGxgmDgPves0TgO
+sx4mB7Q/zVSX5j/Xu0NJMkshQmX3xwTJm59SIdia+FJsY3yyWBwU3SjWg9sdsgTo
+239X91vceaATqJKSqvHj2aGHD3Ok9p3rUzsEbG7tIiLfMl6h8SgsjNN9C+h2YlGC
+OMvbu0fPXz2HhU/modR2WtURJNnRUnvlxEw7EW76Rgs+YHgCT9YcoXN8sAt0svJT
+NOLFx43ynfpI87Jm0GwTuUYCQVzdJHMCAwEAAaMvMC0wDAYDVR0TBAUwAwEB/zAd
+BgNVHQ4EFgQUv6yYE+TmGTL9qvoh+HwcBEJClF4wDQYJKoZIhvcNAQELBQADggEB
+ABmqYkUsZhNZUxraquK8yj13Ci3ctyXV27i8TemDAbahWBghhmYB2T9DT0gS4g96
+j3Vxw7SY2RaEWXn0aYfMJ6h9aj9W7W1gqvFipi9kQgCxDc8llhmZ6VaQjt1Pzv2D
+EwaetJJ9CwGK3RQ0A147bkIb36WEGysKvj/dybKbA5kKll0tBDMWPn8gkT9JCjnH
+bmJB/VbtE+h1zQBtDbw2JRhCavFz9oD1vZzDWMFNDFSki8RzPA2BEXjPNdHibyE1
+Ge+zFopkl2M9stPs0ov1Ik97GotqjwEwJ2gx1dDalOeX5Jh44DmM3j7TOJrmZLW4
+IAUpjyb1xYYir/xJmw0ZvRg=
+-----END CERTIFICATE-----
diff --git a/mtlstestdata/certs/CA2_cert.srl b/mtlstestdata/certs/CA2_cert.srl
new file mode 100644
index 000000000..28c2badff
--- /dev/null
+++ b/mtlstestdata/certs/CA2_cert.srl
@@ -0,0 +1 @@
+582A3A273BD489F09B8FC30052945CF2C3BEDD3F
diff --git a/mtlstestdata/certs/CA2_key.pem b/mtlstestdata/certs/CA2_key.pem
new file mode 100644
index 000000000..464aa49b6
--- /dev/null
+++ b/mtlstestdata/certs/CA2_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCk/sC8+20YRZAU
+BpfSXwe+3bQ6NdJbndQpyQDgKfGM0seni2WKg/Nsqx1rghHl7A17VR4p1oICimEr
+7DLGZEm/LTGAx7nwIAE4mrYWAcThsYJg4D73rNE4DrMeJge0P81Ul+Y/17tDSTJL
+IUJl98cEyZufUiHYmvhSbGN8slgcFN0o1oPbHbIE6Nt/V/db3HmgE6iSkqrx49mh
+hw9zpPad61M7BGxu7SIi3zJeofEoLIzTfQvodmJRgjjL27tHz189h4VP5qHUdlrV
+ESTZ0VJ75cRMOxFu+kYLPmB4Ak/WHKFzfLALdLLyUzTixceN8p36SPOyZtBsE7lG
+AkFc3SRzAgMBAAECggEAS5FiNSvyi2tQ0dszLebYZVKleQOtlMh0o66r9/894oGn
+b9UobIiCtQKqNtMb33J9uj8B0aetY/x9BODpYHQOUsEgKxtOzevao1I4k1u8EKJ8
+VGJgdI9yQ3p4Dxbb8HJIWLY5foQQAIFFx6M0Bf+15ztvS0kSt2JC2X1LE5GbSUCI
+wmTZKNtHh279sjJyhPtxVwjxwvYrH0x10/79nvEhPCara4l+7RM/auf0wYQBq90d
+vflvZQgIyqI6tWi0uLLNS+2/HWlv8Q3x+pw3xFBWNPVwwBiCqAkcLFOwUdUKCzj/
+97aOIZjB1fEcZvHoM35mTtTrMRk3TxxqDD1PoLFUAQKBgQDQoKZ/lVzMVStqBEzp
+BoWfhU2OrHyCt/7L7vfqNNoZ6bUUWhWJ0L3LFFUJswqBqz+2cqIPgCAFVoHJTVGT
+aT9IJut5BGw9KM5lPHi2PK5CHCaPU0bB2x64lqpt/ehBrjzfQ4pWCOAMwtkJJb1J
+sGMBL/v4zn+sp3yQmlSoldiauwKBgQDKdckp0ZZ0Zq2R8rfGWvOXWq+liGgvr1KW
+bVUizn79EXvGo1j2WUD5MAvMnXYcqFR3K7YHEIek31e5hviaNhs6lDIPeYdhK2a0
+kWDfU2EQVC9ULLr5VHCIFkjsJxaK4ON75241O4/68EVXM1vgWAvYLJfPt6buejAN
+k98H35KNqQKBgHC+sNv4Avtl951Gj63K2YGYz44QBwW5m5foH9BRGaCxXSuPd15Q
+EZFi/oXMXRwwSLE3h/8qdaOM2XzJLRGl6g37AnwW+MugdtHc+Ts61c1iWzBPh8iR
+uyt0OMxSUCbWm4zoeiT+jN44moPIAmCFUyu8G8adCgBrTvTyglfNCw6rAoGBALY+
+enrjR8y11I3o71Zk7pqSrkOSWz55Uh1Ig3dWa+b/guyWg3EVfLASeLySDQzU1VuE
+hFEtpvxZcwz1GvkttSrw1XMqkRt9xvDJYGsHEftx3DyoGxJu2PEXJkM1GEyhDQSu
+mXzfhcZ7298Xwx9aAidwVKNNDL3kTTcboYrjzHcpAoGBAMT8bn/11GFzx0HLmumV
+8OAEMRA8BhUvqEKT64DrPfTKfK2iYZ7vbA2jQyAkkaIih9OfsC6Fmhx2MWOYHqJ+
+/uae1da99ygJ3079qwUZZqS16WNIHr+micGtE0X5hc9xFaLFfvuhMXtHWOVtKLRb
+K0iKynoYLwt3LpMf4iGU320H
+-----END PRIVATE KEY-----
diff --git a/mtlstestdata/certs/generate b/mtlstestdata/certs/generate
new file mode 100755
index 000000000..a96b859ed
--- /dev/null
+++ b/mtlstestdata/certs/generate
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+outdir="${1:-./out}"
+
+genca() {
+    local name="$1"
+
+    echo "Generating $name ..."
+    openssl req -nodes -new -x509 \
+        -keyout "${name}_key.pem" \
+        -out "${name}_cert.pem" \
+        -addext basicConstraints=CA:TRUE \
+        -days 1825 -config CA.cnf
+}
+
+gencert() {
+    local ca="$1"
+    local i="$2"
+
+    openssl req -sha256 -nodes -newkey rsa:2048 \
+        -keyout "peer${ca}_${i}_key.pem" \
+        -out "peer${i}.csr" -config "peer${i}.cnf"
+    openssl x509 -req -days 398 -in "peer${i}.csr" \
+        -CA "${ca}_cert.pem" \
+        -CAkey "${ca}_key.pem" \
+        -CAcreateserial -out "peer${ca}_${i}_cert.pem" \
+        -extensions req_ext \
+        -extfile "peer${i}.cnf"
+    rm "peer${i}.csr"
+}
+
+genca CA1
+genca CA2
+gencert CA1 1
+gencert CA1 2
+gencert CA2 1
+gencert CA2 2
diff --git a/mtlstestdata/certs/peer1.cnf b/mtlstestdata/certs/peer1.cnf
new file mode 100644
index 000000000..08759a880
--- /dev/null
+++ b/mtlstestdata/certs/peer1.cnf
@@ -0,0 +1,24 @@
+[req]
+default_bits  = 2048
+distinguished_name = req_distinguished_name
+req_extensions = req_ext
+x509_extensions = v3_req
+prompt = no
+
+[req_distinguished_name]
+countryName = US
+stateOrProvinceName = Localzone
+localityName = Localhost
+organizationName = Certificate signed by my CA
+commonName = peer1.localdomain
+
+[req_ext]
+subjectAltName = @alt_names
+
+[v3_req]
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = node_one
+IP.1 = 127.0.0.1
+IP.2 = 172.200.0.1
diff --git a/mtlstestdata/certs/peer2.cnf b/mtlstestdata/certs/peer2.cnf
new file mode 100644
index 000000000..11a2dd861
--- /dev/null
+++ b/mtlstestdata/certs/peer2.cnf
@@ -0,0 +1,24 @@
+[req]
+default_bits  = 2048
+distinguished_name = req_distinguished_name
+req_extensions = req_ext
+x509_extensions = v3_req
+prompt = no
+
+[req_distinguished_name]
+countryName = US
+stateOrProvinceName = Localzone
+localityName = Localhost
+organizationName = Certificate signed by my CA
+commonName = peer2.localdomain
+
+[req_ext]
+subjectAltName = @alt_names
+
+[v3_req]
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = node_two
+IP.1 = 127.0.0.1
+IP.2 = 172.200.0.2
diff --git a/mtlstestdata/certs/peerCA1_1_cert.pem b/mtlstestdata/certs/peerCA1_1_cert.pem
new file mode 100644
index 000000000..ec91813c2
--- /dev/null
+++ b/mtlstestdata/certs/peerCA1_1_cert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIUYtAZ1Q2Kn9anSxTi/HNfibBTDEgwDQYJKoZIhvcNAQEL
+BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
+CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
+QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
+bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
+MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
+A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
+cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjEubG9jYWxk
+b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjIyW+qOID4Ruh
+3svjEXwxoxWQOAqrIsZKiLGgHDwMCW5hDcQUXIzZA7ZjEdy1DqAEZD2EQp/vIYU9
+fDnJxrURV9lwrq/ERkGDBy8UknmxiFBRPPjmWfmp9U2iCZu/jHrudI5E7U1cqQn0
+lFOmVB+TYGRkFs4NgGiQwnYfvn4V2x+iJVbQZBZj6khQfUg0N4qdy6qnSPOW3Ln6
+CgTXT/tWV3zX77pgWh6Mu9xbSSIEVs5pvfzJD5/mwTfhlIC8lG67vCo/Y7whuox+
+89BzDl1Qmv6N7n2/PrNSLx4LL1ReUQIpn9Hw7A1P1BtC+iSgs4+6HTf0OT37mnyo
+Ar5Ax2MJAgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfb25lhwR/AAABhwSsyAAB
+MB0GA1UdDgQWBBTG/bTyZR1yrgYppvo1wBmaK1VHKDAfBgNVHSMEGDAWgBRJJqHA
+U9ZqLOyMUNe7fZL1yqI1xTANBgkqhkiG9w0BAQsFAAOCAQEAbbxFcSgPWf9Xn4ya
+46yunM9i7Wt+ORZhfqjJvQlkw3fvGw6Eey5Qd992YTtEKl9Zqn9bqV63dq5QLkHU
+kS8AT6ugl+BaOOI/3X9Sy51f2H7toPMLFl0e4zEp4/lk5vnKwNPAG+meP5w5CAPJ
+1nJKJ6juEAHdZ5GdfZtpkQTUmPrd2EuLzWCwfsnR2tAHk3wWs7CqHNZEJFDmFuDf
+UT8idamDuo+Z9LMj4+O6fZGFi3NOgf5wAs1WPGB+rzqQ7sRYRt1hpJG/1K34A8dN
+tQVe/3zPz0K/v3Wx8cYF+kXVUPF1gFeohErS23FmQE3iGo6yfs+r4sZPJ4LU0QTv
+rFQqCQ==
+-----END CERTIFICATE-----
diff --git a/mtlstestdata/certs/peerCA1_1_key.pem b/mtlstestdata/certs/peerCA1_1_key.pem
new file mode 100644
index 000000000..eb6878947
--- /dev/null
+++ b/mtlstestdata/certs/peerCA1_1_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCjIyW+qOID4Ruh
+3svjEXwxoxWQOAqrIsZKiLGgHDwMCW5hDcQUXIzZA7ZjEdy1DqAEZD2EQp/vIYU9
+fDnJxrURV9lwrq/ERkGDBy8UknmxiFBRPPjmWfmp9U2iCZu/jHrudI5E7U1cqQn0
+lFOmVB+TYGRkFs4NgGiQwnYfvn4V2x+iJVbQZBZj6khQfUg0N4qdy6qnSPOW3Ln6
+CgTXT/tWV3zX77pgWh6Mu9xbSSIEVs5pvfzJD5/mwTfhlIC8lG67vCo/Y7whuox+
+89BzDl1Qmv6N7n2/PrNSLx4LL1ReUQIpn9Hw7A1P1BtC+iSgs4+6HTf0OT37mnyo
+Ar5Ax2MJAgMBAAECggEAAIKOPka3ISm5nUON6d1uwNV4jmk8cE1FJyu++WgJMITx
+h0Rkn+crqgyCzBO818SOT8Ez94dBSn01dkwefqDcRUv74igrpL6O+x7BQQxVrM5H
+KP/aq9atawB5MAfdaKeC5V6wKKtAvgjJvw3dJpSV/i8TlUQEfCKSARzYg3AkIwOZ
+cjtgnPymv8s3J2QWvb2EgdV/NkJjlWWA+v+KvGggHXoJMwQeKHpk+zZP0OOJWK/f
+n9upesSsDvVcxDAkbHYeBS57rVD3RRqL62hRhayx2L1vtxr1yqkjrFfsDcxlzeZA
++JQuGwu90gaqeLOOC0icIuGOdU8AgrXRzE2hMf80IQKBgQDONwmb+r4hY9oG54Gb
+BooH3mYyQzUv7qs72M4Z5pe43tdQ/e99YryEUwAj8WwOMEUmwcJsjXs3PQ6O4LR3
+91J9BooYY34aG51TlQ/HsZEQV/GIMPzptFOLtNMB9Zih54dwGq4tR5IRs4BR1U8k
+FSa2uxEamnlPfV9twtTiDmr4qQKBgQDKhbmtkk+Zii6fTiCHb+R+Z0xsCzvKLDkk
+yPUGpouPp5NRvc1qArRNFtk0pgakpvd+cbz6D/f2ypjreoHd2BsTOmyBoZ1dNktt
+I7Jz6awhyZtOA2HafaZ7MweU27Oe4Yz5MtXsOlVO1uqsEuMUvVbnsI3MnH5mfxFY
+JwbQUvmzYQKBgCISHdhTmU5S/Rbe8R73+Z5LNH9hc0w0Fr6Ql5zX6IF28ARFsGf7
+BEKopAFMRhoiB4rbwI/G4HDD+b/JiIe5qTtW9UIKTi9qGJhSrITF5b3ZieKClYbX
+cGZIvgQ427sEUfBHuDdq98tM6QqcP7Mqe3b9eVn348sqX7X21s1yrGHhAoGAMtCy
+8jZP+rqNUDOOPe15a64HouR+sA/AltZFhNGtGvJ1KIFzVTIwg1dEUM2HxTCP0Q5A
+2I3BLg9Pp2Ypx7w9rult6Gjgz06cRlo6oJL1OdUYPs7icqwsZaU8NcGapDb75Fs5
+CfjpBssuPtbOW5nWgHPwYHKz1Iv1kiTYtNTdCoECgYEAlUrFQCRvemGIT6xiqq2/
+9cu+6EOTPt8y2HMGrt7PQbpAnml6NzAc89oWIX9z2QCbUIdLekSDyrKJ4co1N1Wa
+5eUlAH2jlEN7Z+aP7BXwBM8sftpPxDYXYAcezMFjgo5+qD9EtPV3/eD/yWMKMNq6
+VbSAUdrJYF+y00i03c1K2aU=
+-----END PRIVATE KEY-----
diff --git a/mtlstestdata/certs/peerCA1_2_cert.pem b/mtlstestdata/certs/peerCA1_2_cert.pem
new file mode 100644
index 000000000..d656f92d3
--- /dev/null
+++ b/mtlstestdata/certs/peerCA1_2_cert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIUYtAZ1Q2Kn9anSxTi/HNfibBTDEkwDQYJKoZIhvcNAQEL
+BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
+CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
+QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
+bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
+MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
+A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
+cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjIubG9jYWxk
+b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOn6sLFRRUHeIn
+FxCxGHmbmW44jXG1HEWdxVN9269RIxBxsjoy/BnIZwzY2Qxq+ypxSYw9oDVTvOaN
+FlVrEVCEaHXgkPAsWKT3x+pwav+Of2tyhG31As3juC2XIBLUtYk3fjo9WLBJ3zlk
+61bJljMIGq/s8D3O9mvENPYdxZFfSi3ldd/gfmAcBNR5Cr7cZgRqgAqBYfHA1yYn
+GnW3jaVsG+azQNl9JsjjJbt8P8FPnWk0OtIrvLf1K/gDrhBLawtWzVx2hDIWJrFr
+x50WGT8n0rFSwzpdBCPSVi/DgpsXnijxhgSFXM9LwNW/xMsdA099AptOtwYZnSA1
+nK2w2xU9AgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfdHdvhwR/AAABhwSsyAAC
+MB0GA1UdDgQWBBQ8NZUHcQMX91htaMbmClg0qUHt8TAfBgNVHSMEGDAWgBRJJqHA
+U9ZqLOyMUNe7fZL1yqI1xTANBgkqhkiG9w0BAQsFAAOCAQEAFGz0L3M66l1x18Wl
+K9AwdyxsnxSH0IbmzZByBa3GiIvVGwAsrkpJorQIS4y7bguMrY3glnYE028mUKyN
+KvMWcABt4+88K74wT4t7+uFbV4b+rL9S96cqck5Yvjv4wfOFa4k7YG/4u/QgKCY7
+09ibmR+a8/LFAdq2JLCVO3aJzhvpWaAt4bihS9RpqwxhsdIQ+awzKLJxU0RHHfo7
+TKVjcAJLfvzxWhV69OhhD0X89fb7lPAOtdbSe45eghPYsv8YnBqi52m/3hlPgp+/
+xApTsXjDb8y5nNGPNkQ7KmES1rwYSvzEkXyQfb7AD+l6sWSxZpzE3e39juTABn8h
+ocUsLg==
+-----END CERTIFICATE-----
diff --git a/mtlstestdata/certs/peerCA1_2_key.pem b/mtlstestdata/certs/peerCA1_2_key.pem
new file mode 100644
index 000000000..7b3f2f4fb
--- /dev/null
+++ b/mtlstestdata/certs/peerCA1_2_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDOn6sLFRRUHeIn
+FxCxGHmbmW44jXG1HEWdxVN9269RIxBxsjoy/BnIZwzY2Qxq+ypxSYw9oDVTvOaN
+FlVrEVCEaHXgkPAsWKT3x+pwav+Of2tyhG31As3juC2XIBLUtYk3fjo9WLBJ3zlk
+61bJljMIGq/s8D3O9mvENPYdxZFfSi3ldd/gfmAcBNR5Cr7cZgRqgAqBYfHA1yYn
+GnW3jaVsG+azQNl9JsjjJbt8P8FPnWk0OtIrvLf1K/gDrhBLawtWzVx2hDIWJrFr
+x50WGT8n0rFSwzpdBCPSVi/DgpsXnijxhgSFXM9LwNW/xMsdA099AptOtwYZnSA1
+nK2w2xU9AgMBAAECggEAZT8tD5GlM/CuvCvbtIPDNyEwNsrscGwpmr0yA8aNukrd
+yHCmfww0UBRa4bk9kgCAFCIPc7UY3G8AZBsRARVraG5NcJxk674GHBpcgPiVQEyk
+qGlG/huBKvg5cse3In7P/Z6/SAc43wHgfFirXr1YRTzaftZb2xm5xduTzBPe/5sV
+i9BFCjqS7X7xfaOdjgFfF25f1Cww1+ajfyLx7OjxtTxZ9EWZHZC4MRElD31zHKUA
+g93vEl8eThbWBP1QtP4SsxrdYIZ57jTKu5qJR8E0yoyW+bfy7hvb4E9qXfXsvSts
+VVk+rzUdyjLYa1T/i3koxrKccspoE1ePOO5WPPzuGwKBgQD/hIGNeVwQTXq6HKqO
+Y1nBh8iRvBXARoRAF8z867z/S1z083uK3aEyQfjFD25MSfsLyAOWP2n29J54rmJU
+9WEdpqUFx8unggbEV7poCCfjYMx1qAhTI5o61NJMq0qTtSuByHqwy2Dl5tmITyby
+NYt8KGROMU3Gfi0GnBoKgs6NjwKBgQDPA4f9xWQLm65OgdmX23CDToO9vNn3XwZY
+1aCuI94l6s8HnllOnSXHNgNWU+0odfeGjcsGv9HQV5MvMd/xy+T/d7aYHH8mNIWj
+R+nag2X38gtyRla5sHcTVrdqN2HKhxSkc6an5nvZlW4pyPKs5oWUJ9+8aK9vxDE3
+8KsvKzOicwKBgEdWPjk6Taq7hu0Y/cEdGbz/ZM7TPRteVKP0QSXHxw9bggtdQvul
+HtECPCsAQOIJsY47fEzhTXtGFkxJG2juzPtTQDVZ75DHq437lC5hQImpx8t9az2S
+7gdIzaHcHMkaRphIWYCsd1QYXFlDB/ONYXD7ce2mtDkblwSGZnrSxEofAoGAN/tx
+fEw0KPt54Ns2t91tCOVjtRzsKPx2n/FtmYozmjdss1e8OQlAXSYbMu5RVT7JqIaR
+4AphuCDmub2YHTCRhhCevXX/YJqVhTl+YUxld+7p74ZcD61MFlu+EChX9sge6fYo
+nIE0/vttJjmkfuN8PjumQrJgty3sTX91G7VoKkcCgYBwhhB9TTFG3KNMReX51J4L
+kKCBNu22HHJ5dBCah8rqRMsU8BVfGg2Nm2FZr4VKlm1c6NXD7hfilCpnROySMRMR
+V7be1dTfKDre5tNHyQvtH8FheZ66BVOnIYsFd1j9Qvhb/H8CScs9hb6QW/l1lEKq
+1UlE/hQed7qh0R9Ri98chQ==
+-----END PRIVATE KEY-----
diff --git a/mtlstestdata/certs/peerCA2_1_cert.pem b/mtlstestdata/certs/peerCA2_1_cert.pem
new file mode 100644
index 000000000..93cbd0b18
--- /dev/null
+++ b/mtlstestdata/certs/peerCA2_1_cert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIUWCo6JzvUifCbj8MAUpRc8sO+3T4wDQYJKoZIhvcNAQEL
+BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
+CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
+QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
+bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
+MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
+A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
+cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjEubG9jYWxk
+b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCms5mlQ+C4Vlga
+fxC2l5itn/+jUKHtMyz8blawn0Y6VVGcDlZdj4tLxBJt9lb/4R7YOXKF1RMAQRjW
+N5WGI95WizXTIT9aqO2RdKqUc9UkGu7Iyu/SL873ZefIOr+/G6Ekj7VAnHN7/pR/
+rWaUvuXivXE2QBfMKzEpiIrmgQbDlMKdxaT4UFqTMLBd5Uzal4NTwXY0sGBVPoe0
+W6LvvCG8hm7oe+JH6Gt7L7ksasE4LACTHXA/5IoGpw6sc9acwfhhnA3xAQenR0WQ
+/L1AduD3l4UCpb2+7n126opnhk5pbTAxnnRaLhlJjTN5gmv6tLacBZgjGWgygYTA
+XE0akvA9AgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfb25lhwR/AAABhwSsyAAB
+MB0GA1UdDgQWBBRVpSZPhcfqKDCRSO8bGgqERcfr3DAfBgNVHSMEGDAWgBS/rJgT
+5OYZMv2q+iH4fBwEQkKUXjANBgkqhkiG9w0BAQsFAAOCAQEAHcgwV/EIegh9zVrr
+eA6sbbtcgWaGG0EAbLCHPSUQSNYcbYqW05qu5hM0O2uGhG3lKH6j53uXtw1Xj14A
+Ro/ovEny5qh0r4qqOMvS4mJ6/GP5ykt92mIj2UBzZK29z3iWahyubZ843M235Vnd
+2p2mk9pP4Jkzlv9ABv9mqZwKrhNuk8wR/oWaH7eVErBsgOqr8Wavmrac48ZfYLus
+rFlAmpQA9OeR1tnn1kApX8PmeUsedOOIuqZBYqaVnC4fedSXjlsT3omjmN9+XURf
+rQsORiwkcU2ov9nLVRT40An/FDcFTbBhqMykTxrYtkksCKtFmpGLD4SMvNX8wAal
+ux/EEQ==
+-----END CERTIFICATE-----
diff --git a/mtlstestdata/certs/peerCA2_1_key.pem b/mtlstestdata/certs/peerCA2_1_key.pem
new file mode 100644
index 000000000..b1681050a
--- /dev/null
+++ b/mtlstestdata/certs/peerCA2_1_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCms5mlQ+C4Vlga
+fxC2l5itn/+jUKHtMyz8blawn0Y6VVGcDlZdj4tLxBJt9lb/4R7YOXKF1RMAQRjW
+N5WGI95WizXTIT9aqO2RdKqUc9UkGu7Iyu/SL873ZefIOr+/G6Ekj7VAnHN7/pR/
+rWaUvuXivXE2QBfMKzEpiIrmgQbDlMKdxaT4UFqTMLBd5Uzal4NTwXY0sGBVPoe0
+W6LvvCG8hm7oe+JH6Gt7L7ksasE4LACTHXA/5IoGpw6sc9acwfhhnA3xAQenR0WQ
+/L1AduD3l4UCpb2+7n126opnhk5pbTAxnnRaLhlJjTN5gmv6tLacBZgjGWgygYTA
+XE0akvA9AgMBAAECggEAInCnDNuD7RmbnKfFSG/z8WUFn9RMC/EfeWyDWPyi+fDA
+Ck10/uHl3aqdwx2adkVohbQCqs8tXIdWbgVwTRUSfY9HuL2c9OpDIKK5ji+LKKku
+zYmNt/88E2U4mGe4zy8SYPcWs4lPG54qSGGG+LKi1HAemF5v/DStNL86sSoVf2jh
+wPJoH+JwL7EoF8KF0X1Jb1ou9b1aVmImy4oMc2um1x68gdE8qdwA/NMSMpVn5Z2Q
+hVzHByHqo5EuZVMLhFtGflXSJNUpiti8ICUBrXSCLrKrVFW+aQO4C2ADHHTMSoKk
+jr7bg3gPiXRACU/rJDtaie0K4Mdpx4fvkol6+6FsUQKBgQDoo/94AM1Q1LF0VNnA
+xzKWE6V2JxfyLbj+ojqD2ffH4toZ6EHLffin+WplLlkJj2bfwEUvoT5HDmUrR6d4
+gz/DCSgr/pqmvTVeMPw4jAeF+1Z50azyJ1EQjBYWwTjzIvHUAS5Xb4LQ66YEjbed
+0Ar39cgtDiFQNV1CToKGNWWXEQKBgQC3cKVdjGCSzitdp3GIGHWb8RRSmpJdRAUU
+pUOfaM5OMsDgi44K4Boqi6J0A4WiN83uhHV7mRZIPFnE1HrmKIs5qyDYzpkP2pgD
+hVKQsVl9wuzc+1cGS2R5v7S9YRMo8p6ten6jaFNV1oV8GXV6RHZP0HQhV5VdC0aG
+7W2BAwO+bQKBgEFs9cjK+PL1jh54SnET1F8ukUcEQZDDWRaLi0dPgoa9frbwgah3
++flLhKeF/FZa9QSSLyLxBvG2067zTN7wknsIVTriNJ4V8i9WOWixwN/mSnCiDjBf
+7EVqEEBAAQMn3bjQyDagzrpwu1TmgjAotRz9C1nYcnf7OgoOyFh0JejxAoGAKwBi
+E3rrzJ499jdhWtj5APRTokWP2AMw+bUAFCdabWRiaIDubEg6egy/qViGBA/221n7
+vFyXp5lWJdj1cmzArmUaTxinMts4VWL0huy8IMoIAol8zgHwbMXu1ZIjDq9JWTtk
+4mN7XZzrL7s8Gcxgu7cO8h346pXRE6Im0F5ni0UCgYEAzO6qqoqVBjiELBgvaeiR
+IpfnUW7XioGqUhWQnpd16iJmk4KVaxoLqTPIyWpDtHnyDZIeBvth5Z6DrNhEfXQb
+2D1axvufxYnm9BAnnTzSJSO4VZOKb2XvVkpir4yr/EEcVQY/5FMfErZB8I7JEdtG
+Q+E4nCA1hmD7cVNs3lR4hnc=
+-----END PRIVATE KEY-----
diff --git a/mtlstestdata/certs/peerCA2_2_cert.pem b/mtlstestdata/certs/peerCA2_2_cert.pem
new file mode 100644
index 000000000..ccb9f1c02
--- /dev/null
+++ b/mtlstestdata/certs/peerCA2_2_cert.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIUWCo6JzvUifCbj8MAUpRc8sO+3T8wDQYJKoZIhvcNAQEL
+BQAwgbcxCzAJBgNVBAYTAlVTMRIwEAYDVQQIDAlMb2NhbHpvbmUxEjAQBgNVBAcM
+CWxvY2FsaG9zdDEtMCsGA1UECgwkTmVvIEdvIFRlc3RpbmcgQ2VydGlmaWNhdGUg
+QXV0aG9yaXR5MRAwDgYDVQQLDAdEZXZlbG9wMRQwEgYDVQQDDAtsb2NhbGRvbWFp
+bjEpMCcGCSqGSIb3DQEJARYacm9vdEBsb2NhbGhvc3QubG9jYWxkb21haW4wHhcN
+MjQwNjA1MTI0MzMyWhcNMjUwNzA4MTI0MzMyWjB3MQswCQYDVQQGEwJVUzESMBAG
+A1UECAwJTG9jYWx6b25lMRIwEAYDVQQHDAlMb2NhbGhvc3QxJDAiBgNVBAoMG0Nl
+cnRpZmljYXRlIHNpZ25lZCBieSBteSBDQTEaMBgGA1UEAwwRcGVlcjIubG9jYWxk
+b21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk1hs2OnNlwv4Q
+TfqDwhjMmNB2X/yNP/tV2ith8JWccCsRExAAOTXdNITNpVcxAglThPmJwOa37Tie
+roVL/tdwM4NguGj0bhh5U4ponRYMLrOz3bffwi3OuzR/3UwajCqLCMqHhgSLX//j
+VwVRy51zsKL/4H6x4HpnAuMGF6b4JQuhVn7rZjGZGePrUS9H95V1HUFYMJeaVYCh
+2w7LI1atdKyGJ6CQn3vreV++ewh1MCfYo6nr+Mb6sCud68onxKrimNQ6XiiaUa/u
+e/v1yfyj+oxkeleFXwqNEF066TurqRKpteCZndjpGY4NP+jbvdpd8dqvqEAXVuU+
+bzMzUL5bAgMBAAGjYzBhMB8GA1UdEQQYMBaCCG5vZGVfdHdvhwR/AAABhwSsyAAC
+MB0GA1UdDgQWBBQ5QklSyEl7Rmq6X4as/rbAZ5DYYDAfBgNVHSMEGDAWgBS/rJgT
+5OYZMv2q+iH4fBwEQkKUXjANBgkqhkiG9w0BAQsFAAOCAQEAj6AUm5xdZbXUwq65
+nK+Fu28ciR7/fcp10CcM30B3ujwi9ktKW8ECNKs+rcGJ37H2FYVt9kjdZHyJHliv
+giwWcVYHd9g2J4cSn3+YzVTGZAm9XArw8U69LV3LN2oz2NESLEEFzBtb0zt5mOEV
+hYg7tez5qoGf4udfIg49z3yFeSXvMOhijYbNI7OTXyK0Y2W9qsEA+Uw9aoq6ePRQ
+y5KLb6+EERvGByD0vbRdxoUIoXVVE3K5wnINrKzT4Zxe6R3xTUShEkbLi87fEB3m
+hN1srmin/vpy1b4oqZdmYxpBPvnUit4LzK6Wliv0RALEikoYYBMrbIn0mvylguyK
+RlJXFw==
+-----END CERTIFICATE-----
diff --git a/mtlstestdata/certs/peerCA2_2_key.pem b/mtlstestdata/certs/peerCA2_2_key.pem
new file mode 100644
index 000000000..c677de040
--- /dev/null
+++ b/mtlstestdata/certs/peerCA2_2_key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDk1hs2OnNlwv4Q
+TfqDwhjMmNB2X/yNP/tV2ith8JWccCsRExAAOTXdNITNpVcxAglThPmJwOa37Tie
+roVL/tdwM4NguGj0bhh5U4ponRYMLrOz3bffwi3OuzR/3UwajCqLCMqHhgSLX//j
+VwVRy51zsKL/4H6x4HpnAuMGF6b4JQuhVn7rZjGZGePrUS9H95V1HUFYMJeaVYCh
+2w7LI1atdKyGJ6CQn3vreV++ewh1MCfYo6nr+Mb6sCud68onxKrimNQ6XiiaUa/u
+e/v1yfyj+oxkeleFXwqNEF066TurqRKpteCZndjpGY4NP+jbvdpd8dqvqEAXVuU+
+bzMzUL5bAgMBAAECggEAWSWbxj1xFTSoezuVm1yzAomJtIPiRDintiNfATGTZzU/
+YdB2TE/9TuaV0fNWi04KyhGkkOioOQDeLNs6LIfj797xkG1m3cpCGInWArknjKlo
+8moupqnj5ISDiEhyzGjMbguHstIf1RgZ/Lu648mZ1ib66QnQ8YTMynKSdJ4kOsif
+LkKfywnwimpAcZbNi8igh5VUcKXF/bUiyPS3ROYxDMNj82M+Hap0SKyCEy1PvIjl
+1mXiBWKW/9k5/fuq6UXe7f1mNmXQf7c2PNJqiwBuH/XmPNrcs/VemTO1TXP9M4DP
+tt/y8FH+EBiHptPrKYrQHzzAuOk0wTjYNlxz5jw/aQKBgQD0v/B1MJLm3oIXUzya
+sVUurRDN7pW56jmlDgT9hcbs2L0c1cqq7rC0HyYXzPASAUL2i5vv7mQ24+J8dXRM
+XsAWR99zLi0V0kqYZoOpUzFPa2nBLnwsYVfGO53SXcrTES5ZVEugqa8WUY1/CEL/
+/+Injyy9yt2WVni/90uI8atxfwKBgQDvWuh1gO6W9fcOrwzCC4mpY4yWAYhE+0Un
+c3lV1F8w/4m9mtpsMWnsQVAOCmVcuuQ29ANXK+i50TGOE6oCMVTLbv4z25xIinwW
+dTkS2+vRyR1uTY4ry1avc4GT8lVCiTFS7kfJ6pvnKN90uuR73tYjB5gpgEV8zEXC
+szvoZaQpJQKBgBoC0BZUTDh3C1JZSUaTdB8ay39nTMhOaUPuYn9jGUoQmsCWxAw4
+g9UQvmanJBh1w90Z5z+vkTz4KRjbDroTE80KZGgET0xTZhQeSP3U1pe/LaUXQKEi
+00ZBDbvOtgCKgeeCeusfPXlcv3HxudUlJ67Wm4WsKrKQjBKywHdUX8kXAoGBAKTf
+MtaVvEMiJE7qB1i2h9m1J8bAQXR6vHTjVsXnZrainueK/j+eff7uMk2pnY6VcdPk
+m1R1e3Zbgc4C/41JG8aRqupfsLRLKBR0JJ83+6Vi6jHrnC3Qf+KVJsGZIF+XjvE4
+Dx0nzMIa5mlKv04P/eLdPVQA9lxzfO4TdgWr1bs9AoGAHuWWTCqJ02npGfFp1Jpb
+l6Jrf9WseMgpkL+Q+1uDSdTv8dqwrnNfvwE6xHKYLOY/xYR9B1N/padG+gIKyi1+
+L/hKNN7Sslxfr1gYhtqfJ47wnCFOB8Z21KZSNwiBfr21p5uhTolNCGNGrqF5Stcc
+D1eCreiloDIe2yXx+nFxkDA=
+-----END PRIVATE KEY-----
diff --git a/pkg/services/rpcsrv/server.go b/pkg/services/rpcsrv/server.go
index 494288149..9741d1877 100644
--- a/pkg/services/rpcsrv/server.go
+++ b/pkg/services/rpcsrv/server.go
@@ -3167,9 +3167,12 @@ func escapeForLog(in string) string {
 // Addresses returns the list of addresses RPC server is listening to in the form of
 // address:port.
 func (s *Server) Addresses() []string {
-	res := make([]string, len(s.http))
-	for i, srv := range s.http {
-		res[i] = srv.Addr
+	res := make([]string, 0, len(s.http))
+	for _, srv := range s.http {
+		res = append(res, srv.Addr)
+	}
+	for _, srv := range s.https {
+		res = append(res, srv.Addr)
 	}
 	return res
 }