Configuring a Service for Back-End SSL
Configuring an IP Address for a Back-End SSL Service
Configuring the Port Number for a Back-End SSL Service
Cisco Content Services Switch SSL Configuration Guide
5-20
For example, to add the SSL proxy list ssl list3 for a back-end SSL service, enter:
(config-service[server1])# add ssl-proxy-list ssllist3
To remove an SSL proxy list for the back-end service, enter:
(config-service[server1])# remove ssl-proxy-list ssllist3
The IP address for a back-end SSL service must match the IP address configured
in the SSL proxy list for the back-end server.
For example, to configure the IP address 10.11.21.13 for the back-end SSL
service, enter:
(config-service[server1])# ip address 10.11.21.13
To remove the IP address for the back-end SSL service, enter:
(config-service[server1])# no ip address
The CSS uses the port number to send clear text data back to the SSL module for
reencryption. By default, the CSS uses the port number of the back-end content
rule associated with the service, port 80. If the port number is different from the
the back-end HTTP-SSL content rule, use the port command to configure it.
Enter the port number as a integer from 1 to 65535. If you configure a port
number, it must match the virtual port number configured in the SSL proxy list for
the back-end server.
For example, to configure a port number of 55, enter:
(config-service[server1])# port 55
To reset the port number of the back-end content rule, enter:
(config-service[server1])# no port
Chapter 5
Configuring Back-End SSL
OL-5655-01