Is there a way to require that the subject of an ssl certificate is a certain domain (client side)?