secure-peering generate-cert rsa

secure-peering generate-cert rsa [key-size {512 | 1024 | 2048}] [common-name <string>] [country <string>] | [email <email-address>] [locality <string>] [org <string>] [org-unit <string>] [state <string>] [valid-days <integer>]

key-size	Specifies the key size: 512, 1024, 2048
common-name <string>	Specifies the common name of a certificate. To facilitate configuration, you can use wild cards in the name; for example, .nbttech.com. If you have three origin servers using different certificates such as webmail.nbttech.com, internal.nbttech.com, and marketingweb.nbttech.com, on the server-side SteelHeads, all three server configurations may use the same certificate name .nbttech.com.
country <string>	Specifies the certificate two-letter country code.
email <email-address>	Specifies the email address of the contact person.
locality <string>	Specifies the city.
org <string>	Specifies the organization.
org-unit <string>	Specifies the organization unit (for example, the company).
state <string>	Specifies the state. You cannot use abbreviations.
valid-days <integer>	Specifies how many days the certificate is valid. If you omit valid-days, the default is 2 years.

You need only add unique certificates to a Certificate Pool on the server-side SteelHead. When a client initiates an SSL connection with a server, the SteelHead matches the common name of the servers certificate with one in its certificate pool. If it finds a match, it adds the server name to the list of discovered servers that are optimizable and all subsequent connections to that server are optimized.