Configuring SSL
  
Configuring SSL
Each controller is manufactured with its own self-signed certificate and private key that uniquely identifies that controller. For detailed information about SSL, see the SteelHead User Guide.
The Client Accelerator Controller provides you with these SSL options.
SSL task
Reference
Enable SSL in Client Accelerator policies
You can enable SSL in your endpoint policies. For details, see About policy settings for SSL.
Create SSL peering relationships
You can create peering relationships between the controllers and the SteelHeads in your network. You must have a trusted peer relationship to create these clusters. For details about controller clusters, see To configure SSL peering.
View Client Accelerator certificate details
You can view the current controller certificate details. For details, see To view signing CA details.
Add chain certificates
If your organization uses internal CAs to sign its SSL server certificates, you must import each of the certificates (in the chain) onto the controller. For details, see To add a chain certificate.
View certificates in Privacy Enhanced Mail (PEM) format
You can view the certificate in Privacy Enhanced Mail (PEM) format. For details, see To view a CA in PEM format.
Replace (import) certificates
By default, the controller ships with a default peer certificate. We recommend that you replace the default peer certificate with a certificate with a matching common name and security parameters (key length). For details, see To replace a Client Accelerator signing CA.
Export certificates
You can export the signing CA of the controller to the peer SteelHead and then import it to establish the peer relationship. For details, see To export an existing certificate.
Generate certificate signing requests (CSR)
You can generate a CSR for the current private key. For details, see To generate a CSR.