Chapter 1 Overview Of Css Ssl; Ssl Cryptography Overview - Cisco 11503 - CSS Content Services Switch Configuration Manual

SSL Cryptography Overview

OL-5655-01
Overview of CSS SSL
Secure Sockets Layer (SSL) is an application-level protocol that provides
encryption technology for the Internet, ensuring secure transactions such as the
transmission of credit card numbers for e-commerce Web sites. SSL provides the
secure transaction of data between a client and a server through a combination of
privacy, authentication, and data integrity. SSL relies upon certificates,
private-public key exchange pairs, and Diffie-Hellman key agreement parameters
for this level of security.
This chapter contains the following major sections:
• SSL Cryptography Overview
Overview of the SSL Module Functions in the CSS
•
The CSS uses the SSL Acceleration Module and a special set of SSL commands
to perform the SSL cryptographic functions between a client and a server. The
SSL functions include client and server authentication, private-key and
public-key generation, certificate management, and data packet encryption and
decryption.
The SSL module supports SSL version 3.0 and Transport Layer Security (TLS)
version 1.0. The module understands and accepts an SSL version 2.0 ClientHello
message to allow dual version clients to communicate with the CSS through the
SSL module. In this case, the client indicates an SSL version of 3.0 in the version
2.0 ClientHello, which informs the SSL module that the client can support SSL
version 3.0. The SSL module returns a version 3.0 ServerHello message.
C H A P T E R
Cisco Content Services Switch SSL Configuration Guide
1
1-1