cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

483
Views
0
Helpful
0
Replies
Highlighted
Beginner

How to enable SSL optimization only for a single remote WAE and specific website?

Hi guys.

I have to enable SSL optimization for a specifc HTTPS website only and for a specific remote site only (branch office).

The scenario is as follows:

Multiple sites connected via a MPLS cloud. Each site has its own WAE device (module or appliance).

There is a central manager and core WAE in the main site (central site).

There is a website accessed via HTTPS by all the remote sites. This specific website is hosted within the main site.

For only a specific branch office (remote site) we want to enable SSL optimization for this specific website.

I saw this great and useful doc, but I still have some concerns.

https://supportforums.cisco.com/docs/DOC-16452

Basically, according to I see, I should do the following if I want to enable SSL optimization with the entire environment:

- export the certificate and keys;

- enable secure store in the central manager;

- In the remote and core WAE, Check "initialize CMS secure store" and "Open CMS Secure Store";

- In the core WAE, import the CA certificate (upload PEM file);

- In the core WAE, create the SSL Accelerated Service by:

    --importing the client certificate and the key;

    -- Match interesting traffic;

    -- Put the SSL Acc Service in service;

- Finally, make sure SSL acceleration is enabled in both remote and core WAE.

The concerns:

I only need to enable SSL optimization for a specific location accessing a specific website.

Should the steps above work fine If I enable the SSL service for this specific website in the core WAE and enabling secure store only in a single remote site (brach office)?

how will the other remote locations behave?

Will they access the website normally with no SSL optimization even passing thru the core WAE?

What about the other SSL sites which have no certificate? They will be treated as normal HTTPS with no optimization, right?

If the site uses proxy, will any flow be impacted?

If the steps above do not fit my case, how can I configure SSL optimization for only one remote WAE?

Thanks in advance.

importing  the client certificate and key (client.crt and client.key exported from  the Web server - See more at:  https://supportforums.cisco.com/docs/DOC-16452#sthash.3BKz05zU.dpu
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here