Which TLS handshake messages are optional in a typical TLS 1.2 handshake?

Study for the Wireshark Block 5 Exam. Prepare with flashcards and multiple choice questions, each offering hints and explanations. Ace your exam with the best resources!

Multiple Choice

Which TLS handshake messages are optional in a typical TLS 1.2 handshake?

Explanation:
In TLS 1.2, which messages appear depends on the chosen key exchange method and whether the server requests client authentication. The ServerKeyExchange message is only needed if an ephemeral key exchange is used (Diffie-Hellman or Elliptic Curve Diffie-Hellman). If the handshake uses static RSA for key exchange, the server has no ephemeral key to send, so this message can be omitted. The CertificateRequest message is only sent when the server wants to require a client certificate; many servers do not, so this message can also be omitted.

By contrast, the server’s certificate (used for authentication), the ServerHello, the ClientKeyExchange (in RSA key exchange), and the ChangeCipherSpec/Finished messages are part of the essential flow and are typically present. Therefore, the two messages that are optional in a typical TLS 1.2 handshake are ServerKeyExchange and CertificateRequest.
