You can do it the same way. In your declarative config file, you can add a Certificate in the
certificates: section, and then reference its
id in the
client_certificate attribute of the Service in the
services: section. Something like this:
- id: 7fca84d6-7d37-4a74-a7b0-93e576089a41
- name: myservice
An easy way to get a complete example is to set up a development machine running Kong in DB mode, set the Certificate and the Service using the Admin API, and then run
kong config db_export to get a YAML produced with the complete configuration.
Or you can run Kong in Hybrid Mode, which will essentially do that for you: you can setup the configuration in the Control Plane node using the Admin API, and then the Data Plane node will run the configuration using an auto-generated declarative config sent from the Control Plane.