08-19-2009 06:49 AM
hello,
I have a problem found any guide, which describes SSL termination on ACE Web Application Firewall.
I have terminated outside connection on ACE, then load-balance two WAF. I need terminate SSL after ACE, on WAF.
Can anybody redirect me to any 'howto'? Cisco doc is not clear for me.
martin
08-20-2009 03:02 AM
Hi MArtin,
Kindly find some links , might be they useful for you:
1. Configure ACE with SSL Termination and URL Rewrite
2. SSL Termination on the Cisco Application Control Engine Without an Existing Chained Certificate and Key in Routed Mode Configuration Example
3. Cisco Application Control Engine (ACE) Module Troubleshooting Guide, Release A2(x) -- Troubleshooting SSL
http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Module_Troubleshooting_Guide,_Release_A2(x)_--_Troubleshooting_SSL
Sachin garg
08-20-2009 12:34 PM
Hello Sachin,
all this links shows SSL termination on ACE module/appliance. I have no problem with this. I will terminate SSL on 'ACE Web Application Firewall (WAF)' (ACE XML Gateway). I found some design guides and there was described three designs:
1. SSL terminated on ACE module, over WAF clear HTTP
2. SSL through ACE module, SSL terminated on WAF, after WAF clear HTTP
3. SSL over ACE, SSL terminated on WAF and next SSL to server
I need configure design 2.
Reason: I have two context placed on different network location (for example two DMZs) for incomming HTTPS traffic. From both contexts is connection directed to same WAF. It's clear for me terminate SSL on one place (WAF), as on two places (two contexts).
martin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: