KB Article #63010

HTTPS outbound accepts connection to untrusted servers

Problem

When using the field for the "trusted ssl hosts" entity, where do we specify the certificate that will be used for client authentication?

Resolution

In Gateway, there's one field that controls whether Gateway checks PassPort for an entity: the "local alias" in the security profile.

To achieve client authentication, specify your own private certificate entity in the "Local entity" field of the TLS security profile. Server authentication is then carried out automatically: when connecting to a server, a completed "Local entity" field triggers a request to PassPort to check the certificate received from the server. When the client needs to send a certificate, it uses the entity in "Local entity" to fetch the certificate from PassPort.

Therefore, you do not need to specify the entity name for the server certificate in Gateway. This has the effect of limiting the partners allowed to connect to those whose public certificates and/or public keys are stored in PassPort. If you specify an entity in the remote partner entity filter in the CGate or in the "Partner entity" field in the security profile, connections are limited to only the public certificates and keys in the entities specified.

Please refer to the Gateway and PassPort user guides for more information.