CSS11506 - SSL termination

Unanswered Question
Gilles Dufour Tue, 05/15/2007 - 04:24
User Badges:
  • Cisco Employee,

if you want to loadbalance on the backend side, you need an http content rule to catch the decrypted traffic from the internal ssl module.

So, when configuring the ssl cipher, you have to specify the ip and port where to send the decrypted traffic. This can be the server ip directly or it can also be a content rule on the CSS.

If you specific a vip:port you can then apply normal content rule features like loadbalancing but also cookie styckiness, ...

This is the recommended solution.



This Discussion