You must obtain the client certificate to install in the Content Platform Engine truststore. You need either a self-signed certificate or a certificate that is signed by an external third-party certificate authority (CA). You do not need to deploy both types of certificates.
You can obtain the certificate from the Content Platform Engine in your network that acts as the SSL server.
To obtain the certificate from Java keystore:
keytool -export -alias cpe-alias -keypass key_password -file server.crt -keystore server.keystore
-storepass store_password
cpe-alias is the alias for this server
key_password is the private key password
server.crt is the file for the certificate
server.keystore is the name of the keystore
store_password is the keystore password