Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
916
Views
0
Helpful
2
Replies

SSL Termination not working in ACE

Go to solution
krishnadas.R_2
Level 1
Level 1

‎06-28-2010 01:35 PM

Hi,


The context was configured for Load Balancing Port 80 and 443 traffic before the SSL Configs was Applied.
The SSL Termination is configured on ACE module running the software version  A2(1.6a) [build 3.0(0)A2(1.6a)

The load balacing is working without no issues, But when i do a https://abc.www.abc.qa/wps/portal/login
the browser reconganizes the certificate from ACE, but does not show up any thing, just shows  this symbol € 
in a blank page.

Plese let me know if you have any suggestions.

Thanks in Advance.


Here is the relevant config.
===================

crypto csr-params ABC-II-PRAMS
  country XX
  state XXXX
  locality XXXX
  organization-name abc council
  common-name abc.www.abc.qa
  serial-number 1
  email abc@abc.com


rserver host abcserver1
  ip address 10.14.1.165
  inservice
rserver host abcserver2
  ip address 10.14.1.177
  inservice


ssl-proxy service abc.www.proxy
  key abc-II-key.pem
  cert abc-II-cert.pem


serverfarm host abc.www.abc.qa-443
  failaction purge
  rserver abcserver1
    probe abcicmp
    inservice
  rserver abcserver2
    probe abcicmp
    inservice
serverfarm host abc.www.abc.qa-80
  failaction purge
  rserver abcserver1
    probe abcicmp
    inservice
  rserver abcserver2
    probe abcicmp
    inservice

sticky ip-netmask 255.255.255.255 address source abc.www.abc.qa-sticky-80
timeout 120
serverfarm abc.www.abc.qa-80

sticky ip-netmask 255.255.255.255 address source abc.www.abc.qa-sticky-443
timeout 120
serverfarm abc.www.abc.qa-443
!
!
class-map match-all abc.www.abc.qa-443
match virtual-address 10.14.1.203 tcp eq https
!
class-map match-all abc.www.abc.qa-80
match virtual-address 10.14.1.203 tcp eq www
!
!
policy-map type loadbalance first-match abc.www.abc.qa-VIP-443
class class-default
sticky-serverfarm abc.www.abc.qa-sticky-443
!
policy-map type loadbalance first-match abc.www.abc.qa-VIP-80
class class-default
sticky-serverfarm abc.www.abc.qa-sticky-80


policy-map multi-match abc-POLICY


class abc.www.abc.qa-80
    loadbalance vip inservice
    loadbalance policy abc.www.abc.qa-VIP-80
    loadbalance vip icmp-reply

  class abc.www.abc.qa-443
    loadbalance vip inservice
    loadbalance policy abc.www.abc.qa-VIP-443
    loadbalance vip icmp-reply
    ssl-proxy server abc.www.proxy

=============================

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Pablo
Cisco Employee
Cisco Employee

‎06-28-2010 02:15 PM

Hi,

You may want to check this thread I think it would be very helpful.

https://supportforums.cisco.com/thread/2027253

HTH

__ __

Pablo

Cisco TAC

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Pablo
Cisco Employee
Cisco Employee

‎06-28-2010 02:15 PM

Hi,

You may want to check this thread I think it would be very helpful.

https://supportforums.cisco.com/thread/2027253

HTH

__ __

Pablo

Cisco TAC

0 Helpful

Go to solution
krishnadas.R_2
Level 1
Level 1
In response to Pablo

‎06-29-2010 12:22 AM

Hi,

It is working now, adding port 80 fixed  the issue.

Many Thanks.  5/5

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents