For FTPS, clients can be forced to supply a valid client certificate (not available in the Standard Edition). This setting can be found by navigating to Settings->FTP/FTPS->Advanced FTP/FTPS Settings->Security Settings. The "Clients must supply certificates" setting is set to "Don't require valid certificate" by default, but can be changed to "Require valid certificate".
If a valid certificate is required, all FTPS clients must send a certificate that may be validated against the Windows certificate store. This means that its issuer's certificate must be in the Windows 'Trusted root certificate authorities' store. This store may be managed using the Windows Administrative Tools, or by clicking '...' to the right of this security setting (this will bring up the Certificate Management dialog).
