I found the following answer to the problem:
1. Add the outgoing certificate
2. Assign a "New" Web Service Call Name with Identifier "Test"
3. Assign Identifier "Test" in Call REST Service - Client certificate "Override"
The REST Call Service uses the outgoing certificate :-)
Hi Timo,
Personally, I haven't experienced that the negotiation failed, as Mendix automatically selected the correct client certificate.
The Mendix documentation shows how to configure this. Depending on what deployment model you use (locally, on-premise, private cloud, public cloud), you can configure it differently by linking the client certificate to the service you call.
See more info here: https://docs.mendix.com/developerportal/deploy/use-a-client-certificate/
Good luck!