cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
467
Views
0
Helpful
2
Replies

SSL on css11503 not working

aolabisi
Level 1
Level 1

Hi all,

I'm trying to implement ssl on a css11503 (webns 720104) in a test environment. below is the config I have

ssl associate rsakey myrsakey1 CSSrsakey1

ssl associate dsakey mydsakey1 CSSdsakey1

ssl associate cert myrsacert1 myrsacertfile

ssl-proxy-list test_list1

ssl-server 10

ssl-server 10 vip address 19.10.24.25

ssl-server 10 rsacert myrsacert1

ssl-server 10 rsakey myrsakey1

ssl-server 10 dsakey mydsakey1

ssl-server 10 cipher rsa-with-3des-ede-cbc-sha 19.10.24.25 80

active

service ssl_serv1

type ssl-accel

slot 2

keepalive type none

add ssl-proxy-list test_list1

session-cache-size 20000

redundant-index 3

active

owner test_Owner

content test_Rule

add service test-1

add service test-2

redundant-index 1

vip address 19.10.24.25

protocol tcp

port 80

advanced-balance arrowpoint-cookie

balance weightedrr

active

content ssl-rule

vip address 19.10.24.25

protocol tcp

port 443

add service ssl_serv1

redundant-index 2

active

In my tests http://19.10.24.25 works fine, but https://19.10.24.25 does not. What am I missing?

thanks,

dayo

2 Replies 2

Gilles Dufour
Cisco Employee
Cisco Employee

are you sure your browser use this cypher

rsa-with-3des-ede-cbc-sha ?

Is the certificate valid ?

Do you see any hit of the corresponding content rule ?

Gilles

robin.tan
Level 1
Level 1

Hi,

I am going to try the same kind of setup as yours soon. I am interested to know if you manage to get it work? Was it really the cipher type causing the problem?

Thanks

Robin

Review Cisco Networking for a $25 gift card