Control | Description |
Enable SSL Optimization | Enables SSL optimization, which accelerates applications that use SSL to encrypt traffic. By default, this option is disabled. You can choose to enable SSL optimization only on certain sessions (based on source and destination addresses, subnets, and ports), or on all SSL sessions, or on no SSL sessions at all. An SSL session that’s not optimized simply passes through the appliance unmodified. |
Add a New SSL Certificate | Displays the controls to add a new server certificate. Certificates should be added to the server-side SteelHead. |
Name | Specify a name for the proxy certificate (required when generating a certificate, leave blank when importing a certificate). |
Import Existing Private Key and CA-Signed Public Certificate (One File in PEM or PKCS12 formats) | Imports the key and certificate. Click this option if the existing private key and CA-signed certificate are located in one file. The page expands displaying Private Key and CA-Signed Public Certificate controls for browsing to the key and certificate files or a text box for copying and pasting the key and certificate. The private key is required regardless of whether you’re adding or updating. |
Import Single File | • Local File—Browse to the local file. • Text—Paste the contents of the file. • Decryption Password—Specify the decryption password, if necessary. |
Exportable | Select this check box to enables the certificate and server key to be exported. This is the default setting. |
Server List | Specify the server list in the text box. |
Import Existing Private Key and CA-Signed Public Certificate (Two Files in PEM or DER formats) | Imports the key and certificate. Click this option if the existing private key and CA-signed certificate are located in two files. The page expands displaying Private Key and CA-Signed Public Certificate controls for browsing to the key and certificate files or text boxes for copying and pasting the keys and certificates. |
Import Private Key | • Local File—Browse to the local file. • Text—Paste the contents of the file. • Decryption Password—Specify the decryption password, if necessary. |
Import Public Certificate | • Local File—Browse to the local file. • Certificate Text—Specify the certificate text. |
Exportable | Select the check box to allow the certificate and server key to be exported. |
Server List | Specify the server list in the text box. |
Generate New Private Key and Self-Signed Public Certificate | Click this option to generate a new private key and self-signed public certificate. |
Private Key | • Cipher—Select the key length from the drop-down list. • Cipher Bits—Select the key length from the drop-down list. |
Common Name | Specify the common name of a certificate. To facilitate configuration, you can use wildcards in the name: for example, *.example.com. If you have three origin servers using different certificates such as webmail.example.com, internal.example.com, and marketingweb.example.com, on the server-side appliance, all three server configurations can use the same certificate name *.example.com. |
Organization Name | Specify the organization name (for example, the company). |
Organization Unit Name | Specify the organization unit name (for example, the section or department). |
Locality | Specify the city. |
State | Specify the state. |
Country | Specify the country |
Email Address | Specify the email address of the contact person. |
Validity Period | Specify how many days the certificate is valid. |
Exportable | Select the check box to allow the certificate and server key to be exported. |
Server List | Specify the server list in the text box. |
Add | Adds the server certificate. |