How does Two way SSL work while consuming a POST Web Service using REST widget

In my project I am trying to Consume a POST WebService using  two way SSL. The SSL setup is done at both the end and I have the cert file both in pem and pfx format. I am trying to use this cert file to make the POST call from local run. Once it works in local I will try to replicate the same in PCF as well.  I imported the pfx files in certificate tab of my project settings and it worked.   Eventually, my application would be running from PCF cloud and would consume the same webservice. Hence, I am trying to make it work with runtime settings as stated in the mendix documentation.   The problem is that I am not sure  If all the three variables i.e. CACertificates , ClientCertificatePasswords and  ClientCertificates should be used or only ClientCertificatePasswords and  ClientCertificates variables to be used. What is the difference between CACertificates  and  ClientCertificates ?   If would be great if someone can help and suggests the steps required to achieve this.  
1 answers

Custom runtime settings are controlled in the “App → Settings” section of the App Explorer in Studio Pro. Once you’re in there, go to “Configuration tab → Choose a config and edit → Custom tab”. That’s where you put the settings from the link you found.

Now, if all you have is a PEM file, then you probably have a Certificate Authority cert. If that’s the case, you’ll use the CACertificates runtime setting with a path to your PEM file. That’s not really two-way SSL though.

For two-way SSL you should have a client certificate where you hold the public and private key. If that’s the case, you’ll have a .pfx or .p12 file, and you’d use the ClientCertificates, ClientCertificatePasswords, and related runtime settings.