In RESTEASY-1926 the SeBootstrap.Instance can be booted with SSL enabled, but allow clients to connect with no certificate. However, this does not work with the ManualClosingApacheHttpClient43Engine. We may need to either change the ClientHttpEngineBuilder43 to only register an secure socket factory if an SSLContext was set.

Another option might be to look at defaulting to the java.net.http.HttpClient. Both may be a breaking change, but the latter could be a better breakage as the Apache Client could still be used without any breaking changes.