| Connected Account | The connected account to use for the request | Connected Account | Yes | |
| Certificate file name | Name for and, optionally, path to the generated certificate file. /nsconfig/ssl/ is the default path | Text (Short) | Yes | |
| Certificate format | Format in which the certificate is stored on the appliance | Predefined Choice List | Yes | |
| Certificate type | | Predefined Choice List | Yes | |
| Certificate request file name | Name for and, optionally, path to the certificate-signing request (CSR). /nsconfig/ssl/ is the default path | Text (Short) | Yes | |
| Ca certificate file name | Name of the CA certificate file that issues and signs the Intermediate-CA certificate or the end-user client and server certificates | Text (Short) | Yes | |
| Ca certificate file format | Format of the CA certificate | Predefined Choice List | Yes | |
| Ca private key file name | Private key, associated with the CA certificate that is used to sign the Intermediate-CA certificate or the end-user client and server certificate. If the CA key file is password protected, the user is prompted to enter the pass phrase that was used to encrypt the key | Text (Short) | Yes | |
| Ca private key file format | Format of the CA certificate | Predefined Choice List | Yes | |
| Private key file name | Name for and, optionally, path to the private key. You can either use an existing RSA or DSA key that you own or create a new private key on the Citrix ADC. This file is required only when creating a self-signed Root-CA certificate. The key file is stored in the /nsconfig/ssl directory by default | Text (Short) | Yes | |
| Ca serial file number | Serial number file maintained for the CA certificate. This file contains the serial number of the next certificate to be issued or signed by the CA | Text (Short) | Yes | |
| Private key format | Format in which the key is stored on the appliance | Predefined Choice List | Yes | |
| Pem passphrase (for encrypted ca key) | Name for and, optionally, path to the private key. You can either use an existing RSA or DSA key that you own or create a new private key on the Citrix ADC. This file is required only when creating a self-signed Root-CA certificate. The key file is stored in the /nsconfig/ssl directory by default | Text (Short) | No | |
| Subject alternative name | Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field | Text (Short) | No | |
| Validity period (number of days) | Number of days for which the certificate will be valid, beginning with the time and day (system time) of creation | Text (Short) | No | |