Creating An Ssl Proxy List; Figure 5-1 Back-End Ssl With Ssl Termination - Cisco 11503 - CSS Content Services Switch Configuration Manual

Creating an SSL Proxy List

Creating an SSL Proxy List
Cisco Content Services Switch SSL Configuration Guide
5-2
Figure 5-1 illustrates back-end SSL with SSL termination.
Figure 5-1 Back-End SSL with SSL Termination
Encrypted
data
Client
CSS w/ SSL term
and back-end
An SSL proxy list determines the flow of SSL information among the SSL
module, the client, and the server. An SSL proxy list comprises one or more
back-end SSL servers (related by index entry). The back-end SSL server entry
initiates the connection to an SSL server. You can define a maximum of 256
virtual or back-end SSL servers for a single SSL proxy list.
After you create and configure the entries in a proxy list, you must activate the
list, and then add the SSL proxy list to a service to initiate the transfer of SSL
configuration data to the SSL module. When you activate the service, the CSS
transfers the data to the module. Then add each SSL service to an SSL content
rule.
An SSL proxy list is a group of related back-end SSL servers that are associated
with an SSL service. To create an SSL proxy list, use the ssl-proxy-list command.
You can access the ssl-proxy-list configuration mode from most configuration
modes except for ACL, boot, group, rmon, or owner configuration modes. You can
also use this command from the ssl-proxy-list configuration mode to access
another SSL proxy list. Enter the SSL proxy list name as an unquoted text string
from 1 to 31 characters.
For example, to create the SSL proxy list, ssl_list1, enter:
(config)# ssl-proxy-list ssl_list1
Create ssl-list <ssl_list1>, [y/n]: y
Chapter 5
Encrypted
data
Internet
Configuring Back-End SSL
Encrypted
data
SSL server
OL-5655-01