Partner should use the private key of their own SSL certificate to sign the original request payload.