The CERT element

The CERT element has two required attributes, PATH and PRIV_KEY_PATH, which specify the locations of the certificate and private key.

One CERT element can be inserted in the body of an HTTPS element to bootstrap the HTTPS connection with a certificate and corresponding private key for a site that requires client authentication.

If these files are protected by a pass phrase, the pass phrase can be provided in the body of a KEY child element of the CERT element, as in the example below:
<KEY_RING>
<CA_DB>cacert.pem</CA_DB>
<SITE HOST="www.endeca.com" PORT="6000">
	<HTTPS>
		<CERT PATH="clientcert.pem" PRIV_KEY_PATH="clientkey.key">
			<KEY>AqS6+A3u+ivX</KEY>
		</CERT>
	</HTTPS>
</SITE>
</KEY_RING>

As with HTTP username/password keys, Forge expects a key for CERT to be stored in an encrypted form.

Related concepts
About using Forge to encrypt keys and pass phrases