3-3
Cisco Content Services Switch SSL Configuration Guide
OL-5655-01
Chapter 3 Configuring SSL Certificates and Keys
Overview of SSL Certificates and Keys
Figure 3-1 provides an overview of how to configure an RSA key pair and SSL
server certificate on the CSS.
Figure 3-1 SSL Key and Server Certificate Configuration Overview
104548
No
Yes
No
Yes
Associate the key pair to a filename to allow
the CSS to recognize it as a RSA key pair.
Create the certificate signing request (CSR) to apply for an SSL certificate.
The CSR includes the RSA key pair filename.
Copy and paste the CSR to the Certificate Authority (CA) web-based
application or email the CSR to the CA. When you receive the certificate
from the CA, make sure that you save it in its received format.
Save the certificate on the FTP-record server
and copy the file to the CSS.
Associate the certificate to a filename to allow
the CSS to recognize it as a certificate.
Verify that the public key in the keypair association
matches the public key in the certificate association.
Now you can configure the CSS SSL proxy list,
service, and content rule.
Do you
have a pre-existing
certificate?
Do you
have a pre-existing
RSA key pair?
Configure an FTP or SFTP server on the CSS as an FTP record.
This record allows you to copy files from the server to the CSS
(for example, a certificate or RSA key pair file).
In global configuration mode, create the RSA private/public key pair.
The CSS uses the key pair to sign and encrypt packet data. Also the key pair
is required for another device to exchange an SSL certificate with the CSS.
Do you
want to create a temporary
test certificate?
Create a self-signed
certificate.
Yes
Save the key pair
on the FTP-record
server and copy
the file to the CSS.
No
To Next Page
Loading...
Need help?
General
