Chapter 2
SSL Configuration Quick Starts
SSL Service and Content Rule Quick Start
SSL Termination Service and Content Rule Quick Start
OL-5655-01
Before the CSS can use an SSL proxy list, you must add the proxy to an SSL
service and add the service to an SSL content rule. The following sections
describe how to:
Create an SSL service
•
Create an SSL content rule
•
Add the SSL service to the SSL content rule
•
Table 2-6
provides an overview of the steps required to create an SSL service for
SSL termination, including adding the SSL proxy list to the service and creating
an SSL content rule.
Table 2-6
SSL Server Service and Content Rule Quick Start
Task and Command Example
Create an SSL service.
1.
(config)# service ssl_serv1
Create service <ssl_serv1>, [y/n]: y
Specify ssl-accel as the service type.
2.
(config-service[ssl_serv1])# type ssl-accel
Specify the slot of the SSL module in the CSS chassis.
3.
(config-service[ssl_serv1])# slot 3
Disable the CSS from sending keepalive messages to the service.
4.
(config-service[ssl_serv1])# keepalive type none
Add the SSL proxy list to the SSL service.
5.
(config-service[ssl_serv1])# add ssl-proxy-list ssl_list1
Activate the SSL service.
6.
(config-service[ssl_serv1])# active
Cisco Content Services Switch SSL Configuration Guide
2-13