When configuring a BeyondTrust PBPS Vault record, you will need to provide a certificate and private key if your server requires a certificate for authentication. Both must be defined together or skipped. The certificate you enter must be trusted by the PBPS web server. See below to know if a certificate is required for your setup.
Follow these steps in your password safe:
1) Go to Passord Safe.
2) Go to Application API Registration and pick the application key.
3) Look at the Client Certificate Required check box. If checked, you must provide the certificate & the private key in your BeyondTrust PBPS Vault record.
Learn more about setting up a BeyondTrust PBPS Vault record.