First of all, can you clarify if you are using our cloud or on-prem version?
In order to make requests with the client certificate, you need to have both public and private keys, and as you mentioned, when you provided both to Postman it worked as expected.
Tyk expects the same, so your first attempt at uploading combined PEM file was right, however not sure why you got such error, without detailed description. Uploading only “public” certificate won’t work in this case.
So, since your public cert was uploaded successfully, I wonder if the issue with private key format. If you open this combined PEM file, you should see 2 records in this file, looking like:
----- <PUBLIC HEADER> ------
----- END <PUBLIC HEADER> ----
----- <PRIVATE HEADER> ------
----- END <PRIVATE HEADER> ----
If possible can you pls post here values of this headers, for sure without certificates contents. And for private keys, pls check if there are additional headers like
Proc-Type: 4,ENCRYPTED or similar.
Also, you can try to manually concatenate key and cert files, just in the text editor, and try uploading it to tyk.
Also, you mentioned that you uploaded the certificate and “Certificates” section of the dashboard.
Do not forget that to make it work with mutual TLS upstream, you should also go to API designer, “Advanced tab”, “Upstream Certificates” section, and specify both domain and certificate Id you want set for this url.
Hope it helps!