I have a couple of issues;
1. SFDC claims that setClientCertificate is deprecated, and to use setClientCertificateName instead, so where exactly am I supposed to upload or install the Server Certificate generated for my secure server? I was surprised that I could not upload a cert of a CA when I added my secure servers URL to the remote sites section. Furthermore following the "please use setClientCertificateName" links it points me to a section that shows me how to generate certs on SFDC.
Thats not going to happen for the following reasons;
a. I don't require two way ssl
b. I am making callouts.
2. For development, we do our own signing. i.e. I am my own CA and I generate a bunch of server certs signed by this CA. So how do I get SFDC to trust my dev CA. I am hardly going to go to verisign to get certs signed for development servers on my end, nor am I going to allow anyone to call into my servers without SSL.
So in short;
I need SFDC APEX calls to behave like a browser would, where RESTful calls to HTTPS just work, if you install the CA that signed those certs. It should be as simple as that, and I can't believe I am the only one that has run into this issue.
Anyone have some guidance