Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
660
Views
0
Helpful
1
Replies

Presenting a Client Certificate from ACE?

kev-matthews
Level 1
Level 1

‎03-09-2011 02:11 AM

Hi Folks,

This is a bit of an odd one, so please stick with me!

A bit of background:

We currently visit a secure 3rd party website from our company, in order to identify our company to the website we have to use a client-side certificate to authenticate us (before we then login to the website).

As we have a large number of machines loading a client-certificate on to each one has not proved agile enough (this is more a legacy thing).  So to work around this we have used a Stunnel proxy which the clients are forwared too (HTTP), which then proxies the connection as HTTPS and provides the end website with the Client Cert and does all the bits for SSL.   The Stunnel service was meant to be a tempory workaround, about 3 or so years ago (don't you just love those?) and is hosted on a desktop PC which has recently started to crash - there's no real support on this either - which leads me onto the question:

Can the ACE module replace the Stunnel Box in this scenario?

Is it possibile to load a client certificate onto the ACE and get it to provide this to an end webserver.  I realise that the ACE is probably not designed for this function, however this would get us onto something more stable and has a better internal support function.

I've attached a really basic diagram of how the connectivity operates - but I'm happy to consider suggestions on alternative ways of doing it.

Thanks in advance

Kev

Labels:
Preview file
49 KB
0 Helpful
1 Reply 1

Surya ARBY
Level 4
Level 4

‎03-09-2011 02:28 AM

Hi.

It seems to be not possible : http://www.cisco.com/en/US/partner/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA4_1_0/configuration/ssl/guide/initiate.html

I have to check if other products can do what you want, but I have some doubts...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents