Hello, Gavin
Here you have some additional examples which might help you out:
Admin# sh crypto files
Filename File File Expor Key/
Size Type table Cert
-----------------------------------------------------------------------
cert-test 2088 PEM Yes CERT
key-test 1675 PEM Yes KEY
# crypto verify key-test cert-test
Keypair in key-test matches certificate in cert-test
Admin(config)# crypto chaingroup my-chaingroup
Admin(config-chaingroup)# cert my-root
Admin(config-chaingroup)# cert my-intermediate
ACE-M2/Admin(config-chaingroup)# exit
Admin# sh crypto chaingroup all
chaingroup muflas contains:
my-root
my-intermediate
(config)# ssl-proxy service my-ssl-proxy
Admin(config-ssl-proxy)# chaingroup my-chaingroup
Admin(config-ssl-proxy)# cert cert-test
Admin(config-ssl-proxy)# key key-test
Admin(config-ssl-proxy)# end
Then finally, your configuration should like this:
interface vlan 100
ip address 10.198.16.75 255.255.255.192
access-group input Allow_Access
nat-pool 1 10.198.16.103 10.198.16.103 netmask 255.255.255.192 pat
service-policy input MGMT
service-policy input my-multimatch
no shutdown
policy-map multi-match my-multimatch
class vip
loadbalance vip inservice
loadbalance policy http
loadbalance vip icmp-reply active
nat dynamic 1 vlan 100
class ssl
loadbalance vip inservice
loadbalance policy http
loadbalance vip icmp-reply active
nat dynamic 1 vlan 100
ssl-proxy server my-ssl-proxy
class-map match-all ssl
2 match virtual-address 10.198.16.103 tcp eq https
class-map match-all vip
10 match virtual-address 10.198.16.103 tcp eq www
policy-map type loadbalance http first-match http
class class-default
serverfarm http
serverfarm host http
rserver 1-80 80
inservice
rserver 2-80 80
inservice
rserver host 1-80
ip address 10.198.16.99
inservice
rserver host 2-80
ip address 10.198.16.100
inservice
ssl-proxy service my-ssl-proxy
key key-test
cert cert-test
chaingroup my-chaingroup
Hope this helps!!!
