Chapter 2
SSL Configuration Quick Starts
Table 2-4
list.
Table 2-4
Task and Command Example
1.
2.
3.
4.
5.
Note
6.
7.
OL-5655-01
provides an overview of steps required to create a back-end SSL proxy
Back-End SSL Proxy List Quick Start
Specify a number to identify a back-end SSL server in an existing SSL
termination proxy list.
(config-ssl-proxy-list[ssl_list1])# backend-server 1
Specify an IP address. Enter an IP address that corresponds to the address
of the service for the back-end SSL server.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 ip address
192.168.4.4
(Optional) By default, the virtual TCP port number for the back-end server
is 80. Assign the virtual TCP port number if you need to change it.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 port 8080
Specify server IP address for the back-end server. Enter a valid IP address
for the server.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 server-ip
192.168.4.4
(Optional) By default, the server port number for the back-end server is 443.
Assign the server port number if you need to change it.
(config-ssl-proxy-list[ssl_list1])# backend-server 1 server-port
113
If you configure the backend-server number ip address and server-ip
commands with the same address, configure the backend-server
number port and server-port commands with different port numbers.
(Optional) By default, the back-end server supports all available CSS cipher
suites. If necessary, assign a specific cipher suite to be used by the back-end
SSL server, for example the RSA certificates and keys:
(config-ssl-proxy-list[ssl_list1])# backend-server 1 cipher
rsa-export-with-rc4-40-md5
Activate the completed SSL proxy list.
(config-ssl-proxy-list[ssl_list1])# active
Cisco Content Services Switch SSL Configuration Guide
2-9