Chapter 5 Configuring Back-End SSL
Configuring a Service for Back-End SSL
5-20
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
For example, to add the SSL proxy list ssl list3 for a back-end SSL service, enter:
(config-service[server1])# add ssl-proxy-list ssllist3
To remove an SSL proxy list for the back-end service, enter:
(config-service[server1])# remove ssl-proxy-list ssllist3
Configuring an IP Address for a Back-End SSL Service
The IP address for a back-end SSL service must match the IP address configured
in the SSL proxy list for the back-end server.
For example, to configure the IP address 10.11.21.13 for the back-end SSL
service, enter:
(config-service[server1])# ip address 10.11.21.13
To remove the IP address for the back-end SSL service, enter:
(config-service[server1])# no ip address
Configuring the Port Number for a Back-End SSL Service
The CSS uses the port number to send clear text data back to the SSL module for
reencryption. By default, the CSS uses the port number of the back-end content
rule associated with the service, port 80. If the port number is different from the
the back-end HTTP-SSL content rule, use the port command to configure it.
Enter the port number as a integer from 1 to 65535. If you configure a port
number, it must match the virtual port number configured in the SSL proxy list for
the back-end server.
For example, to configure a port number of 55, enter:
(config-service[server1])# port 55
To reset the port number of the back-end content rule, enter:
(config-service[server1])# no port
To Next Page
Loading...
Need help?
General
