SSL Termination without downtime when adding SSL servers
We have a number of SSL servers defined in a ssl-proxy-list on a CSS 11501 running 7.50.1.03. The ssl-proxy list is used in a HTTPS termination service.
When we want to add another SSL server to the ssl-proxy-list, I have to suspend the list, add the new SSL server and then activate the list. Even though the interruption is short, these steps make the current SSL server unavailable during the process. Is there a way to make the change without affecting availability of the existing servers?
Also, if we are using box-to-box redundancy, would there be away to solve the above problem (unless there is an easier solution)?
I agree with diro. This is how we do on our gears. Do it on the backup and then trigger a failover, do it on the other box now.
There is one more way. Try constructing a new proxy-list in parallel to the existing one. Yes you can have multiple proxy-lists (256?) but only one can be active. When ready suspend current proxy-list, remove it from the ssl-mod-service as well and add the new one.
Cisco® Nexus® Dashboard revolutionizes operations in today’s modern data-center environments. Join us to learn about the operational efficiencies realized from the seamless user experience of the dashboard and the powerful capabilities of Cisco Nexus Insi...
The HTML5 plug installation is successful. But I get the following error while I click on AVE. The other icons are showing up the results except AVE. Please let me know your SME thoughts on this error.
No VmmDomains Found
This session will help administrators and architects leverage SAN Insights Discovery to help understand the current status of their SAN fabric and help identify areas of opportunity for improvement. The attendees will learn the process, architecture, and ...
Join us to learn about the operational efficiencies realized from the seamless user experience of the dashboard and the powerful capabilities of Cisco Nexus Insights (NI), Cisco Network Assurance Engine (NAE), and Cisco Multi-Site Orchestrator (MSO). The ...
Cisco Intersight's Terraform Provider is now available in the Terraform Registry at https://registry.terraform.io/providers/CiscoDevNet/intersight/latest. The provider has Terraform resource and data source support for the wide range of Inters...