How do I setup OD-128 Test 2.3 for SSL client certificate authentication of the CPE?

From OD-128 Section (Test 2 part 3):

The purpose of this test is to validate that the ACS and CPE can
interact over SSL, using server certificate authentication for the
ACS and client certificate authentication for the CPE.

During this test case CDRouter’s ACS will request a client certificate from the CPE as part of the SSL handshake protocol. The CPE must provide a certificate to the ACS to pass this test or the SSL handshake will fail resulting in a failed test. The certificate that is returned is not validated against a specific CA.

Note that a client certificate may need to be installed or imported on to the CPE in order to run this test if the CPE does not have a built-in client certificate.

For more information on client certificate authentication with SSL/TLS, please see this Wikipedia article.