Allen,
I have an update for you regarding this. I recently went through with PEM certificate parameterization and it worked out great. Earlier I suggested using PEM (which is required for Load Runner) and suggested an article for parameterizing the certificates. The issue with the site I initially suggested is it only told you how to set up the initial cert, not to parameterize it.
Once you follow the instructions on that site, you need to have a folder (i.e. "KEYS") in any directory of your choosing as long as you designate in the script where it needs to pull the cert from. From this you can set up a naming scheme for the user. "testuser1, testuser2, ...... testuser30) ... from here you can paramaterize by setting up the test user naming scheme (such as the number area) and a parm variable. have it go through a number dat and pull a new number on each occurence, and voila. Sample code is below.
Action()
{
//certificate request handler
web_set_certificate_ex("CertFilePath=C:\\keys\\test.user.111111111{certnum}.signed.cer",
"CertFormat=PEM",
"KeyFilePath=C:\\keys\\test.user.111111111{keynum}.key",
"KeyFormat=PEM",
"Password=XXXXXX",
//"CertIndex=1",
LAST);
//end certificate request handler