Using Mutual (Certificate-Based) Authentication

Use the information in this section to understand, create, and use mutual authentication profiles.


How Mutual Authentication Works

Figure 49 illustrates how mutual authentication can be used to control access to proxy services.

Figure 49


Platform Requirements

The following table summarizes the platform requirements for mutual authentication:


Table 13.

| Network Component | Software Requirements |
|---|---|
| Workstation | Any SSL-capable Internet browser |
| Cache Device | Excelerator 2.1 or later |
| Certificate Authority Server | The Certificate Authority that issued the Client certificate to the browser |


Preparing Your Network for Mutual Authentication

Figure 50 summarizes the configuration requirements for mutual authentication:

Figure 50

NOTE:  If the profile will be used in combination with another profile, make sure the information in each client certificate meets the requirements outlined in Combining Mutual (Certificate-Based) Profiles with Other Profiles.


Setting Up Mutual Authentication

After you have completed the steps in Preparing Your Network for Mutual Authentication, you can set up mutual authentication by completing the instructions in the following sections.


Creating a Mutual Authentication Profile

  1. In the browser-based management tool, click Cache > Authentication > Insert.

  2. Type a name for the profile in the Authentication Profile Name field.

    IMPORTANT:  Each profile name created on a cache device must be unique. Excelerator doesn't recognize case differences (MyProfile and myprofile are the same name to Excelerator) and it will overwrite and concatenate previously created profiles without warning if a duplicate name is used. For more information, see Authentication Dialog Box.

  3. Check Mutual Authentication > click Options.

  4. If the List of Trusted Roots contains the trusted root for the Client certificate the workstations will use, select the trusted root > click Insert.

  5. If the List of Trusted Roots doesn't contain the trusted root for the Client certificate the workstations will use, click Import Trusted Root and import the appropriate trusted root.

    For information on importing trusted root files, see Managing Appliance Certificates, specifically Importing a Trusted Root to a Cache Device.

  6. Click OK > OK.

  7. Assign the profile to one or more proxy services as described in each service tab section in Using the Cache Panel.
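Steps 4 and 5 depend on knowing which trusted root actually issued the Client certificates. The following script is an added example, not part of the product documentation: it checks a client certificate against candidate trusted-root files before you select or import one. It assumes the certificates are available as PEM files and that OpenSSL 1.1.0 or later is installed on the administrator's workstation; the function names and the sample certificates are constructed for illustration.

```shell
#!/bin/sh
# Added example: find which candidate trusted root issued a client certificate.
# Assumptions: PEM-encoded files, OpenSSL 1.1.0 or later. All names are hypothetical.

# chains_to_root ROOT_PEM CLIENT_PEM
# Succeeds only if CLIENT_PEM verifies against ROOT_PEM alone; -no-CApath keeps
# the system trust directory from satisfying the check by accident.
chains_to_root() {
    openssl verify -no-CApath -CAfile "$1" "$2" >/dev/null 2>&1
}

# find_trusted_root CLIENT_PEM ROOT_PEM...
# Prints the first root that the client certificate chains to. Returns 1 if
# none matches, which is the step 5 case (the right root must be imported).
find_trusted_root() {
    client=$1; shift
    for root in "$@"; do
        if chains_to_root "$root" "$client"; then
            printf '%s\n' "$root"
            return 0
        fi
    done
    return 1
}

# make_constructed_pki DIR
# Builds throwaway sample data: two unrelated self-signed roots (rootA, rootB)
# and one client certificate issued by rootA.
make_constructed_pki() {
    d=$1
    for n in rootA rootB; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=Constructed $n" \
            -keyout "$d/$n.key" -out "$d/$n.pem" 2>/dev/null || return 1
    done
    openssl req -newkey rsa:2048 -nodes -subj "/CN=constructed-user" \
        -keyout "$d/client.key" -out "$d/client.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/client.csr" -days 1 \
        -CA "$d/rootA.pem" -CAkey "$d/rootA.key" -CAcreateserial \
        -out "$d/client.pem" 2>/dev/null
}

# Demo on the constructed data: rootB is tried first and rejected.
demo_dir=$(mktemp -d)
make_constructed_pki "$demo_dir" &&
    find_trusted_root "$demo_dir/client.pem" "$demo_dir/rootB.pem" "$demo_dir/rootA.pem"
rm -rf "$demo_dir"
```

With real files, pass the exported client certificate first and each candidate trusted-root file after it; a non-zero exit status means none of the candidates issued the certificate.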