You're right - if with "require" it does not work, then with the "optional" option it probably falls back to not checking your certificate.
How does your full apache configuration look like? I suppose that you added stuff like...
## SSL Cipher Suite:
SSLProtocol all -SSLv2
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
And which browser are you using on the client side?
And can by increasing the "LogLevel" option to e.g. "info" do you get more informations when you fail to connect?