If you serve your API through AWS API Gateway, you can easily do this by enabling mTLS and
uploading the
certificate
above as the truststore.
Security
mTLS
All outbound requests made to your webhook targets and customer card endpoints include a client TLS certificate which you can verify to achieve mutual authentication.
This certificate is self-signed. In order to verify it, we provide our CA’s certificate (in PEM format), which you will need to add to your server/truststore: