By default, the SSL session cache for the SSL module can hold 10000 sessions.
Note
The cache size is the maximum number of SSL session IDs that can be stored in
a dedicated session cache on an SSL module. If necessary for your SSL service,
use the session-cache-size command to reconfigure the size of the SSL session ID
cache for the SSL service.
The back-end session ID cache is 4096 entries and is not configurable.
When you configure a back-end SSL server on the CSS
processing from the client to CSS is the same as steps 1 through 4 in the previous
example. However in step 4 shown in
HTTP connection to an HTTP-SSL content rule with services to a back-end SSL
server.
Figure 8-2
Web shopping
Cisco Content Services Switch SSL Configuration Guide
8-4
CSS Configuration with a Back-End SSL Server
Client A
Port 80
Internet
1
session
L5/L4 SSL
Content Rule
L5 HTTP-SSL
Content Rule
Backend SSL VIP Port 80
5
6
Backend SSL Server
IP Port 443
Port 80
ServerABC
Chapter 8
Figure
8-2, the SSL module initiates an
Port 443
Payment/checkout
2
session
3
VIP Port 443
4
VIP Port 80
ServerDEF
Examples of CSS SSL Configurations
(Figure
8-2), flow
SSL
Acceleration
Module
M3
M2
M1
CSS 11506
Ethernet
connection
ServerGHI
OL-5655-01