Spring '10 Force.com Platform Release
Callouts with Two-Way SSL Authentication

You can use two-way SSL authentication by sending a certificate with your callout. This enhances security as the target of the callout receives the certificate and can use it to authenticate the request against its keystore.

With Spring '10, you can enhance your two-way SSL security by sending a certificate generated in Salesforce.com or signed by a certificate authority (CA) with your callout. You can generate a self-signed or CA-signed certificate at Setup ➤ Security Controls ➤ Certificate and Key Management.

You can also use the new setClientCertificateName on HttpRequest to set the certificate:

Http h = new Http();
HttpRequest req = new HttpRequest();
req.setEndpoint(serviceEndpoint);
req.setMethod('GET');
req.setClientCertificateName(certName);
HttpResponse res = h.send(req);