Chapter 1 Overview of CSS SSL
Overview of the SSL Module Functions in the CSS
1-8
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
No network traffic is sent to an SSL module from the SCM until an SSL content
rule is activated to:
• Define where the content physically resides
• Specify where to direct the request for content (which service)
• Specify which load-balancing method to use
An SSL proxy list determines the flow of information to and from an SSL module.
An entry in the proxy list defines the flow from a client to an SSL module. An
entry also defines a flow from an SSL module to a back-end SSL server. To define
how an SSL module processes SSL requests for content, add an SSL proxy list to
an SSL service. For more detailed information on the SSL module functions, see
the “Processing of SSL Flows by the SSL Module” section in Chapter 8,
Examples of CSS SSL Configurations.
The SSL module provides the following major SSL features:
• SSL Termination
• Client Authentication
• Back-End SSL
• SSL Initiation
SSL Termination
When you create an entry in a proxy list to define the flow between an SSL
module and a client, the module operates as a virtual SSL server by adding
security services between a web browser (the client) and the HTTP connection
(the server). All inbound SSL flows from a client terminate at an SSL module in
the CSS.
Once the connection is terminated, the SSL module decrypts the data and sends
the data as clear text to the CSS for a decision on load balancing. The CSS
transmits the data as clear text to an HTTP server. For more information about
SSL termination in the CSS, see Chapter 4, Configuring SSL Termination.
To Next Page
Loading...
Need help?
General
