Configuring a Service for Back-End SSL
Configuring a Service for Back-End SSL
Note
Note
Cisco Content Services Switch SSL Configuration Guide
5-18
An SSL proxy list may belong to multiple SSL services (one SSL proxy list per
service), and an SSL service may belong to multiple content rules. You can apply
the services to content rules that allow the CSS to direct SSL requests for content.
The CSS supports one active SSL service for each SSL module in the CSS, one
SSL service per slot. You can configure more than one SSL service for a slot but
only a single SSL service can be active at a time.
The requirements for the type of service to be added to the back-end content rule
is as follows:
The service must have a configured IP address
•
The keepalive type for a back-end service can be none, ICMP, TCP, or SSL.
•
If you configure a TCP or SSL keepalive type, you must configure the
keepalive port correctly for the service to work.
You must configure an SSL proxy list that contains back-end-server
•
configuration for this type of service.
If you do not configure a service port, the CSS uses the same port number as the
back-end content rule.
This section covers:
Creating an SSL Service
•
Configuring the Back-End SSL Service Type
•
Adding an SSL Proxy List for a Back-End SSL Server
•
Configuring an IP Address for a Back-End SSL Service
•
Configuring the Port Number for a Back-End SSL Service
•
Activating the SSL Service
•
Suspending the SSL Service
•
Chapter 5
Configuring Back-End SSL
OL-5655-01