01-15-2014 07:29 PM
Hi All,
can you help clarify my understanding on how to configure SSL Acceleration..... I have do essentially do 3 things...
1st, enable the SSL Accelerator under Accelerator Optimization (at both data centre and branch office WAAS Devices), but this will do nothing on it's own.
Secondly, on the Data Centre WAAS, under SSL Accelerated Services, I have to create a service, that is 'bound' to the host/server that is providing SSL Services (ie any web host that uses https to). This will allow the WAAS to proxy the certificates that would normally flow between client and host.
Then, I need to repeat the above step for all SSL servers.
Finally, I need to ensure that Secure Storage is configured, so that when the WAAS decrypted the SSL packets, it will not be vunerable to allowing unauthorised viewing of that info. This is acheived simply by clicking 'initialize secure store' under Configure > Security > Secure Store
Thanks in advance!
Cheers, Simmo.
01-21-2014 04:43 AM
Hi,
Cisco WAAS has an option to create self-signed certificates and private keys/ Generate certificate signing request (Our own CA) or this can imported from existing certificate and key if we have them.
When a connection is requested, the WAN optimization device in the data center splits the original SSL connection from the client to the SSL server into two SSL connections. To the client the connection appears as the SSL server, and to the SSL server it appears as the SSL client. To act as the SSL server, the data center WAN optimization device needs an authentication certificate for each SSL service it is optimizing. When the WAN optimization device intercepts a connection request from a client, it uses the SSL server IP address/domain name to associate the certificate with the client.
You can refer below link for configuring the SSL and moreover you can view the white paper for example
01-23-2014 01:21 AM
Hi,
Please find the SSL Integration method between DC WAVE and Branch WAVEas below url
http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/deployment_guide_c07-541981.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide