SSL-server cipher command
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2005 11:20 PM
Good day,
Just like to find out what does the "ssl-server xxx cipher" command do? is it something to do with SSL module & web servers communication?
i have this command on my configuration but it seems that the CSS donot talk to the web servers properly.
!*********************** SSL PROXY LIST ***********************
ssl-proxy-list SSL-LIST01
ssl-server 100
ssl-server 100 vip address 10.180.6.1
ssl-server 100 rsakey RSAKEYASSOCIATION1
ssl-server 100 rsacert CERTASSOCIATIO1
ssl-server 100 cipher rsa-with-rc4-128-sha 10.180.6.1 80
active
!************************** SERVICE **************************
service DETDRSERVER01
ip address 10.180.6.35
port 80
active
service DETDRSERVER02
ip address 10.180.6.37
port 80
active
service SSL-MODULE01
type ssl-accel
keepalive type none
slot 3
add ssl-proxy-list SSL-LIST01
active
!*************************** OWNER ***************************
owner OWNER
content DRSERVERS-HTTP-RULE
vip address 10.180.6.1
balance aca
add service MYDRSERVER02
add service MYDRSERVER01
protocol tcp
port 80
active
content DRSERVERS-SSL-RULE
vip address 10.180.6.1
application ssl
protocol tcp
port 443
add service SSL-MODULE01
active
when i tried it from IE, I get the certificate but it doesn't connect to the web server homepage.
What is the command to see the traffic between CSS & web servers.
Any help appreciated.
Thanks.
- Labels:
-
Application Networking
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-14-2005 05:22 AM
To assign a cipher suite to the virtual SSL server, use the ssl-server number cipher command. For each available SSL version, there is a distinct list of supported cipher suites representing a selection of cryptographic algorithms and parameters. Your choice depends on your environment, certificates and keys in use, and security requirements. By default, no supported cipher suites are enabled. Use the no form of this command to remove a cipher suite from the server.
For more information have a look at http://www.cisco.com/en/US/products/hw/contnetw/ps792/products_command_reference_chapter09186a008011940f.html#1139899
