1-9
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
Chapter 1 Overview of CSS SSL
Overview of the SSL Module Functions in the CSS
Client Authentication
When client authentication occurs on the CSS, the CSS verifies that the:
• Client sending the certificate has a corresponding private key
• Client certificate is signed by a known CA
• Certificate has not expired
• Signature is valid
• Issuing CA has not revoked the certificate if a Certificate Revocation List
(CRL) is configured on the CSS
During a typical SSL handshake between a client and a server, the client does not
send a certificate as shown in Figure 1-1.
Figure 1-1 SSL Handshake Without Client Authentication
119227
SSL Client SSL Server
ClientHello
ServerHello
Certificate
ServerHelloDone
ClientKeyExchange
ChangeCipherSpec
Finished
ChangeCipherSpec
Finished
To Next Page
Loading...
