We have a Flowable model that perform https call to another Spring Boot application.
That Spring Boot application have the necessary trusted stored setup to enforce the security. The API have been tested with Postman by setting the CRT and Private Key. Therefore I know that part is working.
Although it is not clear, from the Flowable Engine how to send our Certificate (.crt) with the private key to allow the Flowable Engine to securely perform the https call to that external system.
Perhaps there is some additional configuration required in the flowable.cfg.xml?