Cisco 11503 - CSS Content Services Switch Configuration Manual page 52

Table 2-6
Task and Command Example
7.
8.
9.
10.
11.
12.
13.
14.
Cisco Content Services Switch SSL Configuration Guide
2-14
SSL Server Service and Content Rule Quick Start (continued)
Create an SSL content rule.
(config)# owner ssl_owner
Create owner <ssl_owner>, [y/n]: y
(config-owner[ssl_owner])# content ssl_rule1
Create content <ssl_rule1>, [y/n]: y
Configure a VIP address or domain name for the content rule. Ensure that
the VIP address is the same as the address specified in the SSL proxy list.
(config-owner-content[ssl-rule1]# vip address 192.168.3.6
Specify a TCP port number for the content rule. Ensure the port number is
the same as the port specified in the SSL proxy list.
(config-owner-content[ssl-rule1]# port 444
If you are using two or more SSL modules and want to use stickiness based
on SSL version 3 session ID for a Layer 5 content rule, specify the following
parameters in the content rule to take advantage of the SSL session ID
reuse:
• Enter the application ssl command to specify the SSL application type.
(config-owner-content[ssl-rule1])# application ssl
Enter the advanced-balance ssl command to enable the content rule to
•
be sticky based on SSL.
(config-owner-content[ssl-rule1])# advanced-balance ssl
Add the SSL service to the content rule.
(config-owner-content[ssl_rule1])# add service ssl_serv1
Activate the content rule.
(config-owner-content[ssl_rule1])# active
Save your configuration changes to the running configuration.
# copy running-config startup-config
Continue to Table 2-7
Table 2-8 if your configuration includes SSL initiation.
Chapter 2
if your configuration includes back-end SSL or
SSL Configuration Quick Starts
OL-5655-01