| HTTP-01 through NetScaler content switching and responder objects | | -ValidationMethod http, -CsVipName |
| HTTP-01 with an existing LB VIP instead of a CS VIP | | -ValidationMethod http, -UseLbVip, -LbName |
| DNS-01 with a Posh-ACME DNS plugin | | -ValidationMethod dns, -DNSPlugin, -DNSParams |
| Manual DNS-01 challenge records | | -ValidationMethod dns without -DNSPlugin or -UseNetScalerDNS |
| DNS-01 hosted on NetScaler DNS | | -ValidationMethod dns, -UseNetScalerDNS |
| Let's Encrypt staging | | default behavior |
| Let's Encrypt production | | -Production |
| ZeroSSL production with HTTP-01 and external account binding | | -CertificateProvider ZeroSSL, -ValidationMethod http, EAB parameters |
| ZeroSSL production with DNS-01 and external account binding | | -CertificateProvider ZeroSSL, EAB parameters |
| Other ACME providers | supported but not live-tested | -CertificateProvider, -AcmeDirectoryUrl, EAB parameters |
| SAN certificate | | -CN, -SAN |
| Wildcard certificate with DNS-01 | | wildcard value in -SAN, DNS validation |
tlsserver ACME profile | | -Profile tlsserver |
| Renewal decision behavior | | RenewAfter, ARI/order metadata, dynamic lifetime fallback |
| Upload PFX and update existing SSL certkey | | -CertKeyNameToUpdate |
| Create new SSL certkey | | omit -CertKeyNameToUpdate |
| Upload and link intermediate/root chain certkeys | | automatic |
| Replace Global VPN certificate binding | | -UpdateGlobalVPNCertBinding |
| Create restricted certificate automation API user | | New-NSACMECertificateUser |
| Update local IIS binding | supported but not live-tested | -UpdateIIS |
| Create or update a JSON config file from a request | | -ConfigFile |
| Run scheduled renewals from JSON config | | -ConfigFile, -AutoRun |
| Run multiple certificate requests from one config file | | -ConfigFile, -AutoRun |
| Run a post-renewal PowerShell script | | -PostPoSHScriptFilename, -PostPoSHScriptExtraParameters |
| Send renewal result email | supported but not live-tested | -SendMail, SMTP parameters |
| Clean unused NetScaler SSL certkey files | | Invoke-NSCleanCertKeyFiles |
| Clean temporary HTTP validation objects | | -CleanADC |
| Remove test certificates from NetScaler | | -RemoveTestCertificates |
| Run through legacy wrapper script | | .\GenLeCertForNS.ps1 |
| External CSR/key file workflow | planned | not available |