SSL Termination without downtime when adding SSL servers
We have a number of SSL servers defined in a ssl-proxy-list on a CSS 11501 running 7.50.1.03. The ssl-proxy list is used in a HTTPS termination service.
When we want to add another SSL server to the ssl-proxy-list, I have to suspend the list, add the new SSL server and then activate the list. Even though the interruption is short, these steps make the current SSL server unavailable during the process. Is there a way to make the change without affecting availability of the existing servers?
Also, if we are using box-to-box redundancy, would there be away to solve the above problem (unless there is an easier solution)?
I agree with diro. This is how we do on our gears. Do it on the backup and then trigger a failover, do it on the other box now.
There is one more way. Try constructing a new proxy-list in parallel to the existing one. Yes you can have multiple proxy-lists (256?) but only one can be active. When ready suspend current proxy-list, remove it from the ssl-mod-service as well and add the new one.
Looking to expand your professional network? Interested in gaining an edge with exclusive technology insights?Engage with Cisco experts, share feedback on products and connect with peers from across the globe. Cisco Champion 2021 applications are open for...
Cisco Intersight Audit Logs provide information on events and actions performed within Intersight. Audit Logs are available in the Intersight UI from the gear icon->Audit Logs:
Audit Logs can be filtered in several ways (by User, Client IP Addr...
Cisco Champion Radio · S8|E1 Big Data Meets AI: Cisco Data Intelligence Platform
Tune in to hear from Cisco experts and Cisco Champions as they discuss 1) how Cisco’s extensive experience with big data infrastructure led to the introduction of the Cisco ...
Reimagine the Art of Possible with Your Network
Audience: Cloud & Network Infrastructure Executives and Decision Makers
Register Today! Click here
In today’s world, IT plays a key role helping organizations deliver applications and se...