Configuring a Service for SSL Termination
Adding an SSL Proxy List to an SSL Termination Service
Specifying the SSL Module Slot
Note
Cisco Content Services Switch SSL Configuration Guide
4-50
After you configure a virtual SSL server on an SSL proxy list for an SSL module,
add the active list to an SSL service. The active list explains how the CSS
processes SSL requests for content through the specific SSL module.To include
an SSL proxy list as part of an SSL service, use the add ssl-proxy-list command
in service mode. Enter the name of the previously created SSL proxy list (see the
"Creating an SSL Proxy List"
service.
To add SSL proxy list ssl_list1 to service ssl_serv1, enter:
(config-service[ssl_serv1])# add ssl-proxy-list ssl_list1
To remove the SSL proxy list from the service, enter:
(config-service[ssl_serv1])# remove ssl-proxy-list ssl_list1
The CSS 11501 supports a single integrated SSL module. The CSS 11503 and
CSS 11506 support multiple SSL modules; a maximum of two in a CSS 11503
and a maximum of four in a CSS 11506. The SSL service requires the SSL module
slot number to correlate the SSL proxy list and virtual SSL server(s) to a specific SSL
module. Use the slot command to specify the slot in the CSS chassis where the SSL
module is located.
The valid slot entries are:
CSS 11501 - 2
•
CSS 11503 - 2 and 3
•
CSS 11506 - 2 to 6
•
Slot 1 is reserved for the SCM.
The CSS supports one active SSL service for each SSL module in the CSS (one
SSL service per slot). You can configure more than one SSL service for a slot but
only a single SSL service can be active at a time.
Chapter 4
section in this chapter) that you want to add to the
Configuring SSL Termination
OL-5655-01