EasyManuals Logo

Cisco 11503 - CSS Content Services Switch Configuration Guide

Cisco 11503 - CSS Content Services Switch
250 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #118 background imageLoading...
Page #118 background image
Chapter 4 Configuring SSL Termination
Configuring Virtual SSL Servers for an SSL Proxy List
4-36
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
Use the ssl-server number urlrewrite command to add a URL rewrite rule to the
virtual SSL server to avoid nonsecure HTTP 300-series redirects. This command
instructs the CSS, through the SSL module, to examine every HTTP header field
received from the server for a 300-series redirection response (such as 302 Found
or 304 Not Modified). If the CSS finds a 300-series return code, it searches the
Location Response-Header field in the HTTP header to determine if the field
matches the hostname defined in a URL rewrite rule. If there is a match, the CSS
rewrites the Location field to contain an HTTPS location and the SSL port for the
response.
For example, to define the following URL rewrite rule, keeping the default of port
443 for the SSL port and port 80 for the clear text port, enter:
(config-ssl-proxy-list[ssl_list1])# ssl-server 20 urlrewrite 22
www.website.com
In this case, all HTTP redirects to http://www.website.com/ are rewritten in the
SSL module as https://www.website.com/ and forwarded to the client.
The CSS supports the use of wildcards in domain hostnames as part of the
matching criteria for a URL redirect rule. Include an asterisk (*) wildcard
character in the domain name to identify more than one host in a single domain.
You can specify a wildcard-only hostname (for example, *), a prefix wildcard (for
example, *.mydomain.com), or a suffix wildcard (for example,
www.mydomain.*). When using a wildcard-only hostname, the entire domain
name is the * (asterisk) character and all HTTP redirects that come through this
VIP address from the server are rewritten to HTTPS. In this case, there is no need
to have additional URL rewrite rules for the SSL server.
Note Use care when specifying wildcards to avoid unwanted rewriting of all URL
references by the SSL module. Review your redirects and ensure that every URL
that matches a specified wildcard rule needs to be rewritten.
The syntax for the ssl-server number urlrewrite command is:
ssl-server number urlrewrite number hostname [sslport port {clearport
port}]
The options and variables are:
• ssl-server number - The number used to identify the virtual SSL server in the
SSL proxy list.

Table of Contents

Other manuals for Cisco 11503 - CSS Content Services Switch

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 11503 - CSS Content Services Switch and is the answer not in the manual?

Cisco 11503 - CSS Content Services Switch Specifications

General IconGeneral
BrandCisco
Model11503 - CSS Content Services Switch
CategorySwitch
LanguageEnglish

Related product manuals