Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are trying to implement Client Authentication through our CSS11506. Some of our users use a different certificate to authenticate. I have the ssl-proxy-list configured correctly, but when I try to add a 2nd cacert, I get a message saying a certi...
We are looking to upgrade our CSS11506 to WebNS 7.40 mainly for the added client authentication feature. Has anyone else implemented client authentication through a CSS1150x?One other question:Can you have multiple SSL Servers in a proxy list using ...
When you suspend a service, does the current connections to that service remain instact and only new connections are no longer sent to that service?Or are all connections severed?I've tried to do a search for this, but I'm getting conflicting results...
We have a CSS11506 w/ SSL terminator (Version 7.20.2.06). Currently we are using the SSL terminator to handle encryption/decryption with the self-sigend test certificate. Traffic from the client to the CSS11506 is over HTTPS.Behind the CSS11506 we ...
This may be a Citrix problem. It's been a while, but I've seen this issue with Citrix farms. I'm not sure exactly what the problem is, but you might want to look at the Citrix servers first.
Well I've gotten a step further. I can load multiple CACERTS into the content switch. However, it seems only the first CACERT I add is doing the authentication. If the client does not authenticate to the first cacert correctly, then it doesn't try...
In your "mrserver1" & "myserver2" service, add the following:string For instance:service myserver1 ip address 10.10.10.5 keepalive port 80 protocol tcp string myserver1 activeservice myserver2 ip address 10.10.10.6 keepalive port 80 protocol ...
As far as I know, no. There is no way to make a change to an ssl-proxy-list without first taking it offline.I do remember in a previous version you would even have to disable the service that was attached to the SSL-PROXY-LIST if you wanted to make ...
