SSL Transparent Proxy Configuration
Servers
Cisco Content Services Switch SSL Configuration Guide
8-12
This section provides an example configuration for an SSL transparent proxy for
two clients, a CSS with two SSL modules, two HTTP servers (ServerABC and
ServerGHI), and two back-end SSL servers (ServerDEF and ServerJKL). This
configuration is similar to the previous configuration. (See the
Proxy Configuration — Two SSL Modules"
includes the configuration for a back-end SSL server.
In
Figure
8-5, Client A's SSL connection has a destination address 192.168.5.5
that matches content rule ssl-rule. The CSS load balances the SSL connection to
SSL module 1. The module terminates the connection, decrypts the data to clear
text and initiates an HTTP connection to content rule http-rule. The CSS forwards
the request to HTTP server ServerABC.
Client B's SSL connection has a destination address 192.28.4.4 that matches
content rule ssl-rule-1. The CSS load balances the SSL connection to SSL
module 2. The module terminates the connection, decrypts the data to clear text
and initiates an HTTP connection to content rule http-ssl-rule. The CSS directs
the clear text data back to SSL module 2. The module terminates the connection,
re-encrypts the traffic, and establishes an SSL connection to SSL server
ServerDEF.
Chapter 8
Examples of CSS SSL Configurations
HTTP and Back-End SSL
—
section.) However, this example
"SSL Transparent
OL-5655-01