Chapter 5
Configuring Back-End SSL
Creating an SSL Service
Configuring the Back-End SSL Service Type
Adding an SSL Proxy List for a Back-End SSL Server
OL-5655-01
When creating a service for use with an SSL module, you must identify it as an SSL
service for the CSS to recognize it. For additional details on creating a service, refer
to the Cisco Content Services Switch Content Load-Balancing Configuration
Guide.
Enter the SSL service name, from 1 to 31 characters.
To create service ssl_serv1, enter:
(config)# service ssl_serv1
Create service <ssl_serv1>, [y/n]: y
The CSS transitions into the newly created service mode.
(config-service[ssl_serv1])#
You must configure the ssl-accel-backend service type for a back-end SSL
service. To configure a service type for a back-end SSL service, enter:
(config-service[server1]# type ssl-accel-backend
After you configure an SSL proxy list for a back-end SSL server, add the active
list to an SSL service to define how the CSS processes SSL requests for content
from a back-end SSL server. Configuring the back-end SSL service is similar to
configuring a local service except you must set the service type to
ssl-accel-backend. Also, this type of service requires an SSL proxy list with a
back-end server entry.
An SSL proxy list contains the parameters for the back-end SSL service. To add
the proxy list to the service, use the add ssl-proxy-list command. For more
information on configuring an SSL proxy list for a back-end server, see the
"Configuring the Back-End SSL Service Type"
Enter the name of the previously created SSL proxy list (see the
Proxy List"
section in this chapter) that you want to add to the service.
Cisco Content Services Switch SSL Configuration Guide
Configuring a Service for Back-End SSL
section earlier in this chapter.
"Creating an SSL
5-19