We are using Client Certificates as a sort of two factor authentication on published webservers which should only be accessable for internal users. So we enroll certificates on the Client devices.
For RocketChat we use a reverse proxy with NGINX wich "client Certs enabled:
This works with the Mobile Webapp version in Chrome, Firefox and so on, but does not work with the Android / iOS App.
Please implement Client Certificates in the Apps to make more secure communication available.