hit counter script

Activating The Ssl Service - Cisco 11503 - CSS Content Services Switch Configuration Manual

Content services switch ssl configuration guide
Hide thumbs Also See for 11503 - CSS Content Services Switch:
Table of Contents

Advertisement

Configuring a Service for SSL Termination

Activating the SSL Service

Cisco Content Services Switch SSL Configuration Guide
4-52
If you specify 0 as the SSL session cache size, the SSL module associated with
the SSL service does not cache any SSL session IDs. If you choose to disable the
SSL session cache, ensure the following parameters are properly configured to
disable the use of SSL session ID:
Set the ssl-server number session-cache timeout setting in the SSL proxy list
to 0 (disabled) for a virtual SSL server.
Disable the advanced-balance ssl command in the content rule to disable
SSL sticky.
For example, to specify an SSL session cache size of 20000 sessions, enter:
(config-service[ssl_serv1])# session-cache-size 20000
To reset the SSL session cache size to the default of 10000 sessions, enter:
(config-service[ssl_serv1])# no session-cache-size
Once you configure an SSL proxy list service, use the active command to activate
the service. Activating a service puts it into the resource pool for load-balancing
SSL content requests between the client and the server.
Before activating an SSL service:
For a virtual SSL server, you must add an SSL proxy list to an ssl-accel type
service before you can activate the service. If no list is configured when you
enter the active command, the CSS logs the following error message and does
not activate the service.
Must add at least one ssl-proxy-list to an ssl-accel type service
For a back-end SSL server, you must add an SSL proxy list to an
ssl-accel-backend type service before you can activate the service. If no list
is configured when you enter the active command, the CSS logs the following
error message and does not activate the service.
Must add at least one ssl-proxy-list to an ssl-accel type service
The SSL proxy list added to the service must be active before you can activate
the service. If the list is suspended, the CSS logs the following error message
and does not activate the service.
No ssl-lists on service, service not activated
Chapter 4
Configuring SSL Termination
OL-5655-01

Advertisement

Table of Contents
loading

This manual is also suitable for:

11500 series

Table of Contents