Chapter 2 SSL Configuration Quick Starts
2-12
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
The following running-configuration example shows the results of entering the
commands in Table 2-5.
!*********************** SSL PROXY LIST ***********************
ssl-proxy-list ssl-list1
backend-server 1
backend-server 1 initiation
backend-server 1 ip address 192.168.2.3
backend-server 1 port 8080
backend-server 1 server-ip 192.168.2.3
backend-server 1 server-port 40443
backend-server 1 cipher rsa-with-rc4-128-md5 weight 10
backend-server 1 rsacert myrsacert
backend-server 1 rsakey myrsakey
backend-server 1 cacert mycert1
active
8. (Optional) By default, the back-end server supports all available CSS cipher
suites. If necessary, assign a specific cipher suite to be used by the back-end
SSL server.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 cipher
rsa-with-rc4-128-md5 weight 10
9. (If Required) Configure client certificates and keys in the proxy list for SSL
servers that request them. The certificates and keys must have already been
imported and associated with a filename on the CSS. For example, to
configure an existing RSA client certificate and key, enter:
(config-ssl-proxy-list[ssl_list1])# backend-server 1 rsacert
myrsacert
(config-ssl-proxy-list[ssl_list1])# backend-server 1 rsakey
myrsakey
10. (Optional) Configure CA certificates in the proxy list for server
authentication by the SSL module (the client). The CA certificate must
already have been imported and associated with a filename on the CSS.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 cacert
mycert1
11. Activate the completed SSL proxy list.
(config-ssl-proxy-list[ssl_list1])# active
Table 2-5 SSL Initiation Proxy List Quick Start (continued)
Task and Command Example
To Next Page
Loading...
Need help?
General
