Is using both client side certificate and JWT for IoT device redundant?

Is using both client side certificate and JWT for IoT device redundant?

Is there a case to be made for authorizing with both a client side certificate and JWT for an IoT device?

Are JWTs good enough (assuming following of the specs)?

And if client side certs are truly needed, what of expiration dates? (set the client cert expiration way out into the future, etc)?