The reverse_proxy directive’s HTTP transport options have the TLS options you need:
In addition to that though, Caddy can act as an ACME CA for mTLS if your backends support ACME:
If you mean client auth for incoming connections rather than when Caddy acts as a client to a proxy, then the tls directive has configuration for client auth: