Table 2-5
Task and Command Example
8.
9.
10.
11.
The following running-configuration example shows the results of entering the
commands in
!*********************** SSL PROXY LIST ***********************
ssl-proxy-list ssl-list1
Cisco Content Services Switch SSL Configuration Guide
2-12
SSL Initiation Proxy List Quick Start (continued)
(Optional) By default, the back-end server supports all available CSS cipher
suites. If necessary, assign a specific cipher suite to be used by the back-end
SSL server.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 cipher
rsa-with-rc4-128-md5 weight 10
(If Required) Configure client certificates and keys in the proxy list for SSL
servers that request them. The certificates and keys must have already been
imported and associated with a filename on the CSS. For example, to
configure an existing RSA client certificate and key, enter:
(config-ssl-proxy-list[ssl_list1])# backend-server 1 rsacert
myrsacert
(config-ssl-proxy-list[ssl_list1])# backend-server 1 rsakey
myrsakey
(Optional) Configure CA certificates in the proxy list for server
authentication by the SSL module (the client). The CA certificate must
already have been imported and associated with a filename on the CSS.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 cacert
mycert1
Activate the completed SSL proxy list.
(config-ssl-proxy-list[ssl_list1])# active
Table
2-5.
backend-server 1
backend-server 1 initiation
backend-server 1 ip address 192.168.2.3
backend-server 1 port 8080
backend-server 1 server-ip 192.168.2.3
backend-server 1 server-port 40443
backend-server 1 cipher
backend-server 1 rsacert myrsacert
backend-server 1 rsakey myrsakey
backend-server 1 cacert mycert1
active
Chapter 2
rsa-with-rc4-128-md5 weight 10
SSL Configuration Quick Starts
OL-5655-01