"Trusted Server Certificates" of "Route Via Http (s)" does not work properly.
Article ID: 104011
STARTER PACK-7CA Rapid App SecurityCA API Gateway
When using the "Route Via HTTP(S) Assertion" and selecting an unrelated certificate the backend service connection succeeds without error. The expected behavior is that this connection would fail.
It is a bug.
CA API Gateway - 9.3(or lower)
This is happening because Global Root CA imported into the Gateway and is marked as Trust Anchor. The workaround is to unmark Global Root as a Trust Anchor or just remove the Global Root CA certificate from the Trusted Certificates.