We are using setKeyAndChain service to make a HTTPS call to a thirdparty system.
The setKeyAndChain service seems to take PrivateKey and CertFiles as input.
Could someone please clarify what this PrivateKey could mean.
The builtin services guide doesnt seem to talk about it, it just tells we need to provide the absolute or relative path of the file that contains the key.
I hope it is not the PrivateKey of the thirdParty since no one shares their privateKey with their client.
If an SSL client wants to assert its identity to an SSL server, e.g. when client certificates are used, then it must sign some data with its private key. Thus you must tell the client IS the private key you want to use, in order for it to do this signing. This private key won’t go to the invoked server, only the public key and the signed data.