diff --git a/ChangeLog b/ChangeLog
index 39b030a..0422ffd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2012-10-22 1.6.2-dev
+ Bug fixes (security):
+ - Fix the issue with verification of clients when using multiple
+ 'tls' config blocks (RADSECPROXY-43) for DTLS too. Reported by
+ Raphael Geisser.
+
 2012-09-14 1.6.1
 Bug fixes (security):
 - When verifying clients, don't consider config blocks with CA
diff --git a/dtls.c b/dtls.c
index bbebfef..3772113 100644
--- a/dtls.c
+++ b/dtls.c
@@ -354,6 +354,7 @@ void *dtlsservernew(void *arg) {
 X509 *cert = NULL;
 SSL_CTX *ctx = NULL;
 uint8_t delay = 60;
+ struct tls *accepted_tls = NULL;
 debug(DBG_DBG, "dtlsservernew: starting");
 conf = find_clconf(handle, (struct sockaddr *)¶ms->addr, NULL);
@@ -367,10 +368,11 @@ void *dtlsservernew(void *arg) {
 cert = verifytlscert(ssl);
 if (!cert)
 goto exit;
+ accepted_tls = conf->tlsconf;
 }
 while (conf) {
- if (verifyconfcert(cert, conf)) {
+ if (accepted_tls == conf->tlsconf && verifyconfcert(cert, conf)) {
 X509_free(cert);
 client = addclient(conf, 1);
 if (client) {
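Review bot: The new guard `accepted_tls == conf->tlsconf && verifyconfcert(cert, conf)` in the `while (conf)` loop carries its security reasoning silently; a reader cannot see why a conf whose certificate check would pass is still skipped. A comment above the condition such as `/* only consider confs that share the 'tls' block whose CA verified this handshake; a different block's CA never validated this cert (RADSECPROXY-43) */` would record it. The match relies on pointer identity of `conf->tlsconf`, which presumably holds when several client blocks name the same 'tls' block — worth confirming against the config loader. Setting `accepted_tls` only after `verifytlscert` succeeds looks right, but the enclosing block and the exit path that releases `cert` lie outside the hunk, so that the loop is never entered with `accepted_tls == NULL` is inferred, not visible here.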