Configuring Back-End SSL Servers in an SSL Initiation Proxy List
Configuring the RSA Certificate Name
Configuring the RSA Key Name
Configuring Diffie Hellman Parameters
Cisco Content Services Switch SSL Configuration Guide
6-20
To configure the back-end server RSA certificate, use the backend-server
number rsacert name command. The certificate must already be loaded on the
SCM. If the certificate name does not exist, the CSS logs an error message. Enter
a name for the RSA certificate as an unquoted text string from 1 to 31 characters.
For example, to configure an RSA certificate named myrsacert, enter:
(config-ssl-proxy-list[ssl_list1])# backend-server 1 rsacert myrsacert
To remove an RSA cert from the SSL proxy list, enter:
(config-ssl-proxy-list[ssl_list1])# no backend-server 1 rsacert
To configure the back-end server RSA key name, use the backend-server number
rsakey name command. The key pair must already be loaded on the SCM. If the
key pair name does not exist, the CSS logs an error message. Enter a name for the
RSA key pair as an unquoted text string from 1 to 31 characters.
For example, to configure an RSA key pair named myrsakey, enter:
(config-ssl-proxy-list[ssl_list1])# backend-server 1 rsakey myrsakey
To remove an RSA key pair from the SSL proxy list, enter:
(config-ssl-proxy-list[ssl_list1])# no backend-server 1 rsakey
To configure the back-end server Diffie-Hellman (DH) parameter file, use the
backend-server number dhparam name command. The DH parameters file must
already be loaded on the SCM. If the parameter file does not exist, the CSS logs
an error message. Enter a name for the DH parameter files as an unquoted text
string from 1 to 31 characters.
For example, to configure a DH parameter file named dhparamfile2, enter:
(config-ssl-proxy-list[ssl_list1])# backend-server 1 dhparam
dhparamfile2
To remove the configured DH parameter file from the SSL proxy list, enter:
(config-ssl-proxy-list[ssl_list1])# no backend-server 1 dhparam
Chapter 6
Configuring SSL Initiation
OL-5655-01