Chapter 6 Configuring SSL Initiation
Configuring a Service for SSL Initiation
6-28
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
SSL Session ID Cache Size
The cache size is the maximum number of SSL session IDs that can be stored in a
dedicated session cache on an SSL module. For services of type ssl-init, the SSL
session cache size is fixed at 4096 entries and is not configurable.
Activating the SSL Service
Once you configure an SSL proxy list service, use the active command to activate
the service. Activating a service puts it into the resource pool for load-balancing
SSL content requests between the client and the server.
Before activating an SSL service:
• For an initiation SSL server, you must add an SSL proxy list to an ssl-init type
service before you can activate the service. If no list is configured when you
enter the active command, the CSS logs the following error message and does
not activate the service.
Must add at least one ssl-proxy-list to an ssl-init type service
• The SSL proxy list added to the service must be active before you can activate
the service. If the list is suspended, the CSS logs the following error message
and does not activate the service.
No ssl-lists on service, service not activated
Once the service is ready to activate, the CSS initiates the transfer of appropriate
SSL configuration data for each SSL proxy list to a specific SSL module and
activates the service. If there is an error in transfer, the CSS logs the appropriate
error and does not activate the service.
No modifications may be made to an active SSL proxy list. If modifications are
necessary, first suspend the SSL service to make changes to the SSL proxy list
entries.
To activate service ssl_serv1, enter:
(config-service[ssl_serv1])# active
To Next Page
Loading...
Need help?
General
