public Task GeneratePullReplicationCertificate()
        {
            if (ServerStore.Server.Certificate?.Certificate == null)
            {
                throw new BadRequestException("This endpoint requires secured server.");
            }

            ServerStore.LicenseManager.AssertCanAddPullReplicationAsHub();

            var validYears = GetIntValueQueryString("validYears", required: false) ?? 0; // 0 yr. will set the expiration to 3 months
            var notAfter   = validYears == 0 ? DateTime.UtcNow.AddMonths(3) : DateTime.UtcNow.AddYears(validYears);

            var log             = new StringBuilder();
            var commonNameValue = "PullReplicationAutogeneratedCertificate";

            CertificateUtils.CreateCertificateAuthorityCertificate(commonNameValue + " CA", out var ca, out var caSubjectName, log);
            CertificateUtils.CreateSelfSignedCertificateBasedOnPrivateKey(commonNameValue, caSubjectName, ca, false, false, notAfter, out var certBytes, log: log);
            var certificateWithPrivateKey = new X509Certificate2(certBytes, (string)null, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable);

            certificateWithPrivateKey.Verify();

            var keyPairInfo = new PullReplicationCertificate
            {
                PublicKey   = Convert.ToBase64String(certificateWithPrivateKey.Export(X509ContentType.Cert)),
                Thumbprint  = certificateWithPrivateKey.Thumbprint,
                Certificate = Convert.ToBase64String(certificateWithPrivateKey.Export(X509ContentType.Pfx))
            };

            using (ContextPool.AllocateOperationContext(out DocumentsOperationContext context))
                using (var writer = new BlittableJsonTextWriter(context, ResponseBodyStream()))
                {
                    writer.WriteStartObject();

                    writer.WritePropertyName(nameof(keyPairInfo.PublicKey));
                    writer.WriteString(keyPairInfo.PublicKey);
                    writer.WriteComma();

                    writer.WritePropertyName(nameof(keyPairInfo.Certificate));
                    writer.WriteString(keyPairInfo.Certificate);
                    writer.WriteComma();

                    writer.WritePropertyName(nameof(keyPairInfo.Thumbprint));
                    writer.WriteString(keyPairInfo.Thumbprint);

                    writer.WriteEndObject();
                }

            return(Task.CompletedTask);
        }