I'm trying to call open banking production endpoint but It keeps kicking me out as I believe root certificate for MTLS is not picking up from the certificate store. How does postman pick the correct certificate from the certificate store?

Following is what my sandbox request looks like and it's working just fine as the certificate is getting from the certificate store.

But for production I get;

Error: write EPROTO 1316197336:error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE:../../third_party/boringssl/src/ssl/tls_record.cc:587:SSL alert number 40

When you uploading a certificate to your certificate store, is there any additional setup you have to do?

In order to use client mTLS certificates in Postman you need to configure them for each particular domain through Postman settings.

So you need to open Postman Settings -> select Certificates tab -> press Add Certificated (under Client Certificates) -> Provide Host you are connecting to as well as your certificate file and private key for the certificate (or alternatively you could use a PFX file). Also remember to provide a Passphrase from your private key, in case you use one.

And for another host you would be able to use another client certificate, which is handy.

Go to settings >> Certificates >> enable CA certificates and add Intermediate certificate This worked for me.