Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
927
Views
0
Helpful
7
Replies

Backend SSL and http keepalives

dennis-hess
Level 1
Level 1

‎09-02-2005 10:11 AM

I know it's not possible to do ssl keepalives but I have the need to do more than port keepalives on a ssl web site due to the page failing at times. I'm about to implement back-end ssl with an ssl module and I'd like to make a keepalive to a html page. Can I just put a http keepalive on the backend service? I checked the config guides and CCO and I couldn't find guidance as to whether this would work. Thanks DH

Labels:
0 Helpful
7 Replies 7

casablancag
Level 1
Level 1

‎09-02-2005 11:14 AM

Hi

from my point of view, it is possible to do an ssl keepalive with version 7.5. I've tested it and it works fine.

0 Helpful

dennis-hess
Level 1
Level 1
In response to casablancag

‎09-02-2005 01:36 PM

We're still running 7.3. I'll look at 7.5 and consider upgrading but I'm still curious about the original question. Also, I shouldn't have said ssl keepalives but rather https page keepalives. I need to check more than the port to ensure functionality. Thanks

0 Helpful

casablancag
Level 1
Level 1
In response to dennis-hess

‎09-02-2005 10:07 PM

Yes i made an encripted http get. It works fine

0 Helpful

dennis-hess
Level 1
Level 1
In response to casablancag

‎09-04-2005 10:01 AM

Ah ok... thanks casablanca, I was wondering about that. Normally I'd just try it and find out but I don't have a test box and I need an answer for the app folks. So did you just put the http keepalive on the backend service, like so? If not, would you be so kind as to post a config example? Thanks!

service backend2

ip address 10.1.1.21

type ssl-accel-backend

port 81

keepalive port 8003

add ssl-proxy-list my_secure_site

keepalive type http

keepalive method get

keepalive uri "/index.html"

protocol tcp

active

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to dennis-hess

‎09-03-2005 01:16 AM

You can't do HTTPS keepalive unless you have 7.50.

If you don't have 7.50, all you can is check the first step of the SSL negotiation.

Regards,

Gilles.

0 Helpful

dennis-hess
Level 1
Level 1
In response to Gilles Dufour

‎09-04-2005 09:49 AM

Thanks Gilles,

I'll investigate upgrading to 7.50. How about the original question? I guess you're saying that is it not possible with pre 7.50 code to configure http keepalives on the backend service. In other words, the CSS will do a http keepalive which the ssl module then encrypts with ssl and sends to the back end server?

Thanks

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to dennis-hess

‎09-04-2005 11:01 PM

you can do http keepalive with any version on a backend service.

All you need is this :

keepalive type http

keepalive port 80

keepalive uri "..."

The CSS does not require the service type to match the keepalive type.

Regards,

Gilles

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card