OK, I should have been more precise. SSL client certificate authentication does not work as the session is being set up between client and Avast (MITM) and not proxied to true destination SSL server. So in cases where server requests SSL client certificate Avast MITM does not send any because it does not have client’s private key anymore.