Error on verify Client with SASL External Mechanism

I’m trying to authenticate a client via EXTERNAL mech, but it is faling.

After some debugs, I noticed that the Client certificate is being validated against the S2S Truststore, not the C2S Truststore.

See the class SASLAuthentication (line 584)

trusted = CertificateManager.getEndEntityCertificate(connection.getPeerCertificates(), SSLConfig.getKeyStore(), SSLConfig.gets2sTrustStore());