Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1396
Views
0
Helpful
1
Replies

Cisco ACE End-to-End SSL Configuration !!!

Mubasher Sultan - 2x CCIE # 20149 (R&S | Sec)
Level 1
Level 1

‎05-13-2010 10:26 AM

Hi,,,

I want to know that what do we need at SSL based Servers to be ready for such type of configuration....

In this configuration, ACE behaves as SSL Client while Load Balalnced Servers are serving as SSL Server. Do they need Certificate or Key to be installed?

I need to advice the customer that what would be required to be configured for Load Balalnced Servers.

Appreciate for the help...

Thanks,,,

Regards,

Mubasher Sultan

Labels:
0 Helpful
1 Reply 1

dario.didio
Level 4
Level 4

‎05-14-2010 12:54 AM

Hi,

if you speak about end-to-end SSL, you do mean that a client connects to the VIP in SSL, the ACE terminates the SSL connection, performs some load-balancing decisions, reencrypts the traffic and sends it, again encrypted, to the server.

For that to work, you need a key-cert pair to do the SSL termination ==> SSL -proxy server

For the SSL initiation (ACE to server traffic) you do not need a key-cert pair  ==> SSL -proxy client

Take a look at following example on how this is configured:

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c6f37.shtml

HTH,

Dario

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card