EasyManuals Logo

Cisco 11503 - CSS Content Services Switch Configuration Guide

Cisco 11503 - CSS Content Services Switch
250 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #134 background imageLoading...
Page #134 background image
Chapter 4 Configuring SSL Termination
Configuring a Service for SSL Termination
4-52
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
If you specify 0 as the SSL session cache size, the SSL module associated with
the SSL service does not cache any SSL session IDs. If you choose to disable the
SSL session cache, ensure the following parameters are properly configured to
disable the use of SSL session ID:
• Set the ssl-server number session-cache timeout setting in the SSL proxy list
to 0 (disabled) for a virtual SSL server.
• Disable the advanced-balance ssl command in the content rule to disable
SSL sticky.
For example, to specify an SSL session cache size of 20000 sessions, enter:
(config-service[ssl_serv1])# session-cache-size 20000
To reset the SSL session cache size to the default of 10000 sessions, enter:
(config-service[ssl_serv1])# no session-cache-size
Activating the SSL Service
Once you configure an SSL proxy list service, use the active command to activate
the service. Activating a service puts it into the resource pool for load-balancing
SSL content requests between the client and the server.
Before activating an SSL service:
• For a virtual SSL server, you must add an SSL proxy list to an ssl-accel type
service before you can activate the service. If no list is configured when you
enter the active command, the CSS logs the following error message and does
not activate the service.
Must add at least one ssl-proxy-list to an ssl-accel type service
• For a back-end SSL server, you must add an SSL proxy list to an
ssl-accel-backend type service before you can activate the service. If no list
is configured when you enter the active command, the CSS logs the following
error message and does not activate the service.
Must add at least one ssl-proxy-list to an ssl-accel type service
• The SSL proxy list added to the service must be active before you can activate
the service. If the list is suspended, the CSS logs the following error message
and does not activate the service.
No ssl-lists on service, service not activated

Table of Contents

Other manuals for Cisco 11503 - CSS Content Services Switch

Preview: Administration Guide
Administration Guide392 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 11503 - CSS Content Services Switch and is the answer not in the manual?

Cisco 11503 - CSS Content Services Switch Specifications

General IconGeneral
BrandCisco
Model11503 - CSS Content Services Switch
CategorySwitch
LanguageEnglish

Related product manuals