Chapter 5 Configuring Back-End SSL
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
Figure 5-1 illustrates back-end SSL with SSL termination.
Figure 5-1 Back-End SSL with SSL Termination
An SSL proxy list determines the flow of SSL information among the SSL
module, the client, and the server. An SSL proxy list comprises one or more
back-end SSL servers (related by index entry). The back-end SSL server entry
initiates the connection to an SSL server. You can define a maximum of 256
virtual or back-end SSL servers for a single SSL proxy list.
After you create and configure the entries in a proxy list, you must activate the
list, and then add the SSL proxy list to a service to initiate the transfer of SSL
configuration data to the SSL module. When you activate the service, the CSS
transfers the data to the module. Then add each SSL service to an SSL content
rule.
Creating an SSL Proxy List
An SSL proxy list is a group of related back-end SSL servers that are associated
with an SSL service. To create an SSL proxy list, use the ssl-proxy-list command.
You can access the ssl-proxy-list configuration mode from most configuration
modes except for ACL, boot, group, rmon, or owner configuration modes. You can
also use this command from the ssl-proxy-list configuration mode to access
another SSL proxy list. Enter the SSL proxy list name as an unquoted text string
from 1 to 31 characters.
For example, to create the SSL proxy list, ssl_list1, enter:
(config)# ssl-proxy-list ssl_list1
Create ssl-list <ssl_list1>, [y/n]: y
[Figure 5-1 diagram labels: Client; Internet; CSS w/ SSL term and back-end; SSL server; Encrypted data (labelled on three links)]