How to Secure REST APIs Between Two Mendix Apps Using Certificates?

0
We have two Mendix apps where we're trying to secure our REST APIs using certificates. However, we can't find specific documentation on implementing this in the Mendix Docs. Could you provide some guidance or share any best practices you might know about securing REST APIs with certificates in Mendix?
asked
2 answers
0

Hi Megi,

 

Last time I did that was a while back, but I configured it like this:

1. In the Mendix Cloud you have the option for access-restriction-profiles. Here you can upload a Certificate Authority. This is used to validate if the incoming certificate is signed with the CA.

2. In the Path Based Access Restrictions of your application you can create or edit lines. Select the custom profile you created in step 1.


Now you have configured the incoming rules of your application. All connections to the REST service will be checked against the CA. If the certificate is not signed with the uploaded CA, there is no valid authorization.

 

3. In the outgoing connections section you can assign a certificate to a REST service. 

This service will then assign the uploaded certificate to the REST service and use it in all the calls for this REST service. Meaning on the other side the certificate can be matched against the CA uploaded in step 1.

 

Using OpenSSL I created my own Certificate Authority (because when using a default provider, half the world has access to your REST service). With this CA you can create the needed certificates to assign to the REST service.

answered
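
The OpenSSL step described in the answer above, as an added example that is not part of the original answer or of the Mendix documentation: it creates a private CA, issues a client certificate from it, and checks that the certificate verifies only against that CA. The file names and CN values (`my-ca`, `other-ca`, `app-a`) are constructed placeholders.

```shell
#!/usr/bin/env bash
# Added example. File names and CN values are constructed placeholders.
set -eu

# Write a minimal OpenSSL config into directory $1 so the run does not
# depend on the system-wide openssl.cnf.
write_cnf() {
  cat > "$1/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[client]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature
extendedKeyUsage = clientAuth
EOF
}

# make_ca DIR NAME: self-signed root CA -> DIR/NAME.key, DIR/NAME.pem
make_ca() {
  openssl req -x509 -new -newkey rsa:2048 -nodes -sha256 -days 1825 \
    -config "$1/pki.cnf" -extensions v3_ca -subj "/CN=$2" \
    -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# issue_client DIR CA NAME: client key + certificate signed by CA
issue_client() {
  openssl req -new -newkey rsa:2048 -nodes -config "$1/pki.cnf" \
    -subj "/CN=$3" -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null
  openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
    -CAcreateserial -sha256 -days 365 -extfile "$1/pki.cnf" \
    -extensions client -out "$1/$3.pem" 2>/dev/null
}

# signed_by CA_PEM CERT_PEM: succeeds only if CERT chains to CA
signed_by() {
  openssl verify -CAfile "$1" -purpose sslclient "$2" >/dev/null 2>&1
}

demo() {
  d=$(mktemp -d); write_cnf "$d"
  make_ca "$d" my-ca; make_ca "$d" other-ca
  issue_client "$d" my-ca app-a
  signed_by "$d/my-ca.pem" "$d/app-a.pem" && echo "my-ca: accepted"
  signed_by "$d/other-ca.pem" "$d/app-a.pem" || echo "other-ca: rejected"
  rm -rf "$d"
}
demo
```

In terms of the steps above, `my-ca.pem` is the CA uploaded in step 1 and the `app-a` key and certificate are what the calling app uses in step 3. The CA private key (`my-ca.key`) is needed only when issuing certificates and should not be stored with either app.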
0

Hey Megi,

https://docs.mendix.com/refguide/custom-settings/

You need to manually add it to the project and add it to your YAML file.

Best regards, Slavko

answered