So unfortunately this is functioning as designed. The issue you are seeing is that the TLS connection is refusing to be established in the first place so you don’t even have the opportunity to send some sort of HTTP response because you never get a working channel. Usually client certificates are used in APIs so this isn’t much of a problem. So if your TLS connection refuses to get set up, it is either a client certificate permissioning problem or the server’s certificate is not trusted. If you need a better user experience than this, I’d suggest not using client certificates.