6-19
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
Chapter 6 Configuring SSL Initiation
Configuring Back-End SSL Servers in an SSL Initiation Proxy List
To reset the buffer size to the default of 65536, enter:
(config-ssl-proxy-list[ssl_list1])# no backend-server 1 tcp
buffer-share tx
Configuring Client Certificates and Keys
SSL servers frequently require that a client authenticate itself before a data
transfer can occur. To allow the client (in this case, the SSL module) to
authenticate itself to such a server, you must configure client certificates and keys
on the CSS.
To obtain a client certificate and key pair, contact your authorized certificate
authority (CA). Once the CA has prepared your client certificate and key pair, you
must import them into the CSS. For information about importing a certificate and
key pair, see the “Importing or Exporting Certificates and Private Keys” section
in Chapter 3, Configuring SSL Certificates and Keys. Once you have imported the
certificate and key pair, you must associate them with a filename. For information
about associating a certificate and key pair with filenames, see the “Associating
Certificate and Private Key Files with Names” section in Chapter 3, Configuring
SSL Certificates and Keys.
If the SSL module originates a connection to an SSL server that requests a client
certificate and no client certificate and key are configured on the CSS, the CSS
increments the Requested Client Certificate Not Sent counter.
Note When the SSL server does not receive the requested client certificate, it may close
the connection.
The following sections describe how to configure client certificates and keys.
To Next Page
Loading...
Need help?
General
