2 Way TLS Setup between API Proxy and Backend Target with multiple Client Certificates

Hello Everyone, I'm new to Apigee and am trying to set up the following.

I have one API Proxy which is passing through requests to a backend target which is using Client Certificates to authenticate the user executing the call.

The Proxy will be used by multiple users, each one having their own credentials and personal client certificate and all pointing to the same target endpoint.

I have configured a Proxy, with a Target Endpoint pointing toward the endpoint.

On the Endpoint I have configured the following:

<HTTPTargetConnection>
    <Properties/>
    <SSLInfo>
        <Enabled>true</Enabled>
        <ClientAuthEnabled>true</ClientAuthEnabled>
        <KeyStore>xxx-int-certs2</KeyStore>
        <KeyAlias>xxx-int-tomtest</KeyAlias>
        <TrustStore>xxx-int-root</TrustStore>
    </SSLInfo>
    <URL>https://xxxxx.yyyyyyy.zzzzzz.eu/enpoint</URL>
</HTTPTargetConnection>

And this works fine for one user.

However, if I try to configure a second certificate for a different user, it does not work. I tried creating a second Key Alias under the same KeyStore, and creating a second KeyStore with another single Alias in it, but it is still not working; therefore I presume I have to implement some sort of conditional logic, selecting the certificate according to the user connecting.

I guess I can get the decrypted username connecting using a BasicAuthentication Policy; however, are there any recommendations on how/where to set up the logic to select the certificate to be used? Or is there any other way to get this to work in a more efficient way?

Thank you to anyone for all your help.

Tommaso
