You should simply use your QWAC to do an mTLS request to the production endpoints.
Should we generate some new secrets or keys or is it sufficient just to upload the certificate?
You should simply use your QWAC to do an mTLS request to the production endpoints.